CVE-2023-43128
Description
Command injection in D-Link DIR-806 router through HTTP_ST parameter allows remote attackers to execute arbitrary commands.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
The D-Link DIR-806 wireless router (model DIR806A1, firmware version FW100CNb11) contains a command injection vulnerability in the handling of the HTTP_ST parameter. Because the input is insufficiently validated, operating system commands can be injected through this parameter.
Exploitation
An attacker can exploit this vulnerability by sending a crafted HTTP request to the router's web interface that includes malicious payloads within the HTTP_ST parameter. The attacker does not need prior authentication and can trigger the injection remotely over the network [1]. No user interaction beyond accessing the affected service is required.
Impact
Successful exploitation enables an unauthenticated remote attacker to execute arbitrary commands on the underlying operating system of the router with root privileges. This can lead to full compromise of the device, including data exfiltration, installation of malware, or use of the router as a pivot for further attacks on the internal network.
Mitigation
As of the publication date (2023-09-21), no official patch or firmware update has been released by D-Link to address this vulnerability [1]. Users are advised to restrict remote access to the router's management interface, place the device behind a firewall, and monitor for any security advisories from D-Link regarding this issue.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- D-LINK/DIR-806 1200M11AC wireless router
Patches
No patches discovered yet.