1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Realtek SDK RCE CVE-2014-8361

Web Attack: Realtek SDK RCE CVE-2014-8361

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Realtek rtl81xx SDK.

Additional Information

Realtek rtl81xx SDK is prone to a remote code execution vulnerability because it fails to properly sanitize user supplied data when handling the NewInternalClient requests. Specifically, this issue affects the 'miniigd' SOAP service. An attacker can exploit this issue to execute arbitrary code with root privileges.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

Affected

  • Realtek rtl81xx SDK
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube