Realtek SDK miniigd SOAP Service RCE

critical Nessus Plugin ID 83185

Synopsis

A software development kit running on the remote device is affected by a remote code execution vulnerability.

Description

According to its banner, the Realtek Software Development Kit is running on the remote device. It is, therefore, affected by a flaw in the miniigd SOAP service, which fails to properly sanitize user input when handling NewInternalClient requests. An unauthenticated, remote attacker can exploit this with a crafted request to execute arbitrary code with root-level privileges.

Solution

There is currently no fix available. As a workaround, restrict access to vulnerable devices.

See Also

https://www.zerodayinitiative.com/advisories/ZDI-15-155/

Plugin Details

Severity: Critical

ID: 83185

File Name: realtek_cve_2014_8361.nasl

Version: 1.13

Type: remote

Family: Misc.

Published: 5/1/2015

Updated: 11/22/2019

Configuration: Enable paranoid mode

Risk Information

VPR

Risk Factor: Critical

Score: 9.8

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.7

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: E:H/RL:OF/RC:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.4

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:realtek:realtek_sdk

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 4/24/2015

Exploitable With

Metasploit (Realtek SDK Miniigd UPnP SOAP Command Execution)

Reference Information

CVE: CVE-2014-8361

BID: 74330

ZDI: ZDI-15-155

EDB-ID: 37169