CVE-2018-6530
Summary
| CVE | CVE-2018-6530 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-03-06 20:29:00 UTC |
| Updated | 2023-11-08 21:19:00 UTC |
| Description | OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter. |
Risk And Classification
EPSS: 0.942940000 probability, percentile 0.999430000 (date 2026-04-02)
CISA KEV: Listed on 2022-09-08; due 2022-09-29; ransomware use Known
Problem Types: CWE-78
CISA Known Exploited Vulnerability
| Vendor | D-Link |
|---|---|
| Product | Multiple Routers |
| Name | D-Link Multiple Routers OS Command Injection Vulnerability |
| Required Action | The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use. |
| Notes | https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10105; https://nvd.nist.gov/vuln/detail/CVE-2018-6530 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | D-link | Dir-860l | - | All | All | All |
| Hardware | D-link | Dir-860l | - | All | All | All |
| Operating System | D-link | Dir-860l Firmware | All | All | All | All |
| Hardware | D-link | Dir-865l | - | All | All | All |
| Hardware | D-link | Dir-865l | - | All | All | All |
| Operating System | D-link | Dir-865l Firmware | All | All | All | All |
| Hardware | D-link | Dir-868l | - | All | All | All |
| Hardware | D-link | Dir-868l | - | All | All | All |
| Operating System | D-link | Dir-868l Firmware | All | All | All | All |
| Hardware | D-link | Dir-880l | - | All | All | All |
| Hardware | D-link | Dir-880l | - | All | All | All |
| Operating System | D-link | Dir-880l Firmware | All | All | All | All |
| Hardware | Dlink | Dir-860l | - | All | All | All |
| Operating System | Dlink | Dir-860l Firmware | All | All | All | All |
| Hardware | Dlink | Dir-865l | - | All | All | All |
| Operating System | Dlink | Dir-865l Firmware | All | All | All | All |
| Hardware | Dlink | Dir-868l | - | All | All | All |
| Operating System | Dlink | Dir-868l Firmware | All | All | All | All |
| Hardware | Dlink | Dir-880l | - | All | All | All |
| Operating System | Dlink | Dir-880l Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| GitHub - TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto: 日前我发现了D-Link DIR 880L/865L/868L/860L路由器存在多个XSS和命令注入漏洞,最主要的问题是路由器未对用户输入进行检查,导致恶意数据请求被执行,最终被远程攻击者控制整个设备。 | MISC | github.com | Exploit, Third Party Advisory |
| ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-865L/REVA/DIR-865L_REVA_FIRMWARE_PAT... | CONFIRM | ftp2.dlink.com | Release Notes, Vendor Advisory |
| ftp2.dlink.com/SECURITY_ADVISEMENTS/DIR-880L/REVA/DIR-880L_REVA_FIRMWARE_PAT... | CONFIRM | ftp2.dlink.com | Release Notes, Vendor Advisory |
| FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-860L/REVA/DIR-860L_REVA_FIRMWARE_PAT... | CONFIRM | FTP2.DLINK.COM | Release Notes, Vendor Advisory |
| FTP2.DLINK.COM/SECURITY_ADVISEMENTS/DIR-868L/REVA/DIR-868L_REVA_FIRMWARE_PAT... | CONFIRM | FTP2.DLINK.COM | Release Notes, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.