CVE-2018-6530 - D-Link Multiple Routers OS Command Injection Vulnerability
Project:D-Link
Product:Multiple Routers
Date Added:2022-09-08Due Date:2022-09-29
Vulnerability Name
D-Link Multiple Routers OS Command Injection Vulnerability
Description
Multiple D-Link routers contain an unspecified vulnerability that allows for execution of OS commands.
Known To Be Used in Ransomware Campaigns?
Known
Action
The vendor D-Link published an advisory stating the fix under CVE-2018-20114 properly patches KEV entry CVE-2018-6530. If the device is still supported, apply updates per vendor instructions. If the affected device has since entered its end-of-life, it should be disconnected if still in use.
Additional Notes
https://supportannouncement.us.dlink.com/announcement/publication.aspx?name=SAP10105
https://nvd.nist.gov/vuln/detail/CVE-2018-6530
