Vulnerability — CVE-2018-6530

CVE-2018-6530

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2018-6530
Description:: OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.
Last updated date:: 03/27/2018

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 09/06/2022
Reference url to background: https://unit42.paloaltonetworks.com/moobot-d-link-devices/

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 09/08/2022
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/27/2018
Reference url to background: https://github.com/TheBeeMan/Pwning-multiple-dlink-router-via-SOAP-proto