A critical vulnerability (CVE-2023-5152) has been discovered in unsupported D-Link DAR-700 and DAR-800 devices, specifically in models up to the 20151231 firmware version. This vulnerability is associated with a SQL injection issue in the /importexport.php file, which potentially allows a remote attacker to manipulate the database. The vulnerability identifier is VDB-240248.
Please note that this vulnerability only affects devices that are no longer supported by D-Link, and the vendor has confirmed that the affected products are at their end of life (EOL). It is advised to retire and replace these devices as soon as possible.
Code Snippet
The vulnerability exists in the /importexport.php file, where the manipulation of the 'sql' argument can lead to a SQL injection attack. An example code snippet highlighting the vulnerable parameter is as follows:
// importexport.php
$import_sql = $_GET['sql'];
// Vulnerable to SQL injection
$result = mysqli_query($conn, $import_sql);
Exploit Details
The vulnerability can be exploited remotely by sending a crafted HTTP request to the vulnerable device containing malicious SQL commands via the 'sql' parameter. For example:
http://<IP_ADDRESS>/importexport.php?sql=malicious_query_here
Since the 'sql' argument is not sanitized properly, an attacker can execute arbitrary SQL commands to manipulate the database, possibly leading to unauthorized access to sensitive information, privilege escalation, or other security compromises.
For more details on the vulnerability and its impact, please consult the following resources
1. Vulnerability Database - VDB-240248
2. CVE Details - CVE-2023-5152
Recommendations
As this vulnerability affects unsupported products, the best course of action is to retire and replace the affected D-Link DAR-700 and DAR-800 devices. It is critical for businesses and users to keep their network hardware and software up-to-date to maintain the highest level of security. Always follow the manufacturer's recommendations for updating and replacing end-of-life equipment.
Timeline
Published on: 09/25/2023 02:15:10 UTC
Last modified on: 11/16/2023 03:06:57 UTC