{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2014-8361", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-02-07T21:58:17.986Z", "dateReserved": "2014-10-20T00:00:00.000Z", "datePublished": "2015-05-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-09-05T21:35:13.232Z"}, "descriptions": [{"lang": "en", "value": "The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-155/"}, {"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}, {"url": "http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.html"}, {"name": "74330", "tags": ["vdb-entry"], "url": "http://www.securityfocus.com/bid/74330"}, {"name": "37169", "tags": ["exploit"], "url": "https://www.exploit-db.com/exploits/37169/"}, {"name": "JVN#47580234", "tags": ["third-party-advisory"], "url": "http://jvn.jp/en/jp/JVN47580234/index.html"}, {"name": "JVN#67456944", "tags": ["third-party-advisory"], "url": "http://jvn.jp/en/jp/JVN67456944/index.html"}, {"url": "https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/"}, {"url": "https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}], "datePublic": "2015-04-30T00:00:00.000Z"}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:18:47.756Z"}, "title": "CVE Program Container", "references": [{"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-155/", "tags": ["x_transferred"]}, {"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.html", "tags": ["x_transferred"]}, {"name": "74330", "tags": ["vdb-entry", "x_transferred"], "url": "http://www.securityfocus.com/bid/74330"}, {"name": "37169", "tags": ["exploit", "x_transferred"], "url": "https://www.exploit-db.com/exploits/37169/"}, {"name": "JVN#47580234", "tags": ["third-party-advisory", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN47580234/index.html"}, {"name": "JVN#67456944", "tags": ["third-party-advisory", "x_transferred"], "url": "http://jvn.jp/en/jp/JVN67456944/index.html"}, {"url": "https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/", "tags": ["x_transferred"]}, {"url": "https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-02-07T21:57:55.692724Z", "id": "CVE-2014-8361", "options": [{"Exploitation": "Active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-09-18", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-8361"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-07T21:58:17.986Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-155/", "tags": ["x_transferred"]}, {"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055", "tags": ["x_transferred"]}, {"url": "http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.html", "tags": ["x_transferred"]}, {"url": "http://www.securityfocus.com/bid/74330", "name": "74330", "tags": ["vdb-entry", "x_transferred"]}, {"url": "https://www.exploit-db.com/exploits/37169/", "name": "37169", "tags": ["exploit", "x_transferred"]}, {"url": "http://jvn.jp/en/jp/JVN47580234/index.html", "name": "JVN#47580234", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "http://jvn.jp/en/jp/JVN67456944/index.html", "name": "JVN#67456944", "tags": ["third-party-advisory", "x_transferred"]}, {"url": "https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/", "tags": ["x_transferred"]}, {"url": "https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:18:47.756Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2014-8361", "role": "CISA Coordinator", "options": [{"Exploitation": "Active"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-02-07T21:57:55.692724Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2023-09-18", "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2014-8361"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-03T15:41:24.395Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-30T00:00:00.000Z", "references": [{"url": "http://www.zerodayinitiative.com/advisories/ZDI-15-155/"}, {"url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}, {"url": "http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.html"}, {"url": "http://www.securityfocus.com/bid/74330", "name": "74330", "tags": ["vdb-entry"]}, {"url": "https://www.exploit-db.com/exploits/37169/", "name": "37169", "tags": ["exploit"]}, {"url": "http://jvn.jp/en/jp/JVN47580234/index.html", "name": "JVN#47580234", "tags": ["third-party-advisory"]}, {"url": "http://jvn.jp/en/jp/JVN67456944/index.html", "name": "JVN#67456944", "tags": ["third-party-advisory"]}, {"url": "https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/"}, {"url": "https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}], "descriptions": [{"lang": "en", "value": "The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2023-09-05T21:35:13.232Z"}}}, "cveMetadata": {"cveId": "CVE-2014-8361", "state": "PUBLISHED", "dateUpdated": "2025-02-07T21:58:17.986Z", "dateReserved": "2014-10-20T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2015-05-01T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cisaActionDue": "2023-10-09", "cisaExploitAdd": "2023-09-18", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Realtek SDK Improper Input Validation Vulnerability", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-905l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "05CB91FD-6322-48FB-8CCE-3E7DDB622063", "versionEndIncluding": "2.05b01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-905l:a1:*:*:*:*:*:*:*", "matchCriteriaId": "F50CC55A-1EA1-4096-8489-1CE1E991B305", "vulnerable": false}, {"criteria": "cpe:2.3:h:dlink:dir-905l:b1:*:*:*:*:*:*:*", "matchCriteriaId": "21EDEA1E-6F3C-4E92-A732-270D1E086576", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "01D15D52-C442-4ABE-917C-A50908082089", "versionEndIncluding": "1.14b06", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-605l:a1:*:*:*:*:*:*:*", "matchCriteriaId": "CA9038E9-8519-4DC7-8843-74ADB3527A3F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "90962768-A07F-4A1E-9500-F743FD1ECA96", "versionEndIncluding": "1.15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-600l:a1:*:*:*:*:*:*:*", "matchCriteriaId": "F75E7D9C-03BE-4301-AF9E-9929C33F4EEA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "22544CBE-CE28-4E13-99CD-9855A76F8EDF", "versionEndIncluding": "1.15", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-619l:a1:*:*:*:*:*:*:*", "matchCriteriaId": "3271958C-23CD-4937-A21A-905A18ECA736", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-619l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2FCD4837-81DE-4C00-AC6C-0E7D6036E1D6", "versionEndIncluding": "2.07b02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-619l:b1:*:*:*:*:*:*:*", "matchCriteriaId": "6F28B093-482C-4105-A89D-8B1F1FFD59E9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "89CE2A47-DC82-49A7-874E-C9533E153ECF", "versionEndIncluding": "2.07b02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-605l:b1:*:*:*:*:*:*:*", "matchCriteriaId": "1B1FC91F-1B77-406F-ADB5-98B07866601E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-605l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7B8247C1-8A71-4004-8ECE-1984335D697D", "versionEndIncluding": "3.03b07", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-605l:c1:*:*:*:*:*:*:*", "matchCriteriaId": "4DD38B14-B291-423A-912C-B1BB2070A9C9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-600l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C66EAA7D-A420-4CBF-AD01-754983012129", "versionEndIncluding": "2.056b06", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-600l:b1:*:*:*:*:*:*:*", "matchCriteriaId": "6966FB89-8C98-4FA3-B4CA-21CAD495A830", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-809_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CCC25F5-5E8A-4164-84D8-DDC0D3519E2B", "versionEndIncluding": "1.04b02", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-809:a1:*:*:*:*:*:*:*", "matchCriteriaId": "184F3169-C4BE-4ABF-AFED-B8D39522092F", "vulnerable": false}, {"criteria": "cpe:2.3:h:dlink:dir-809:a2:*:*:*:*:*:*:*", "matchCriteriaId": "6CE2F27F-A180-4459-8D73-5544568BB53D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-900l_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F3757810-6826-4389-8621-A87267D71B64", "versionEndExcluding": "1.15b01", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-900l:a1:*:*:*:*:*:*:*", "matchCriteriaId": "2396542D-7E98-41B4-9BF1-31CE699B0FF9", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:realtek:realtek_sdk:-:*:*:*:*:*:*:*", "matchCriteriaId": "62471288-17B2-4FCA-A673-CC4B24FB6262", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-501_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1C1339C5-FD81-4885-AF24-A05BC1A3B02A", "versionEndIncluding": "1.01b04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-501:a1:*:*:*:*:*:*:*", "matchCriteriaId": "7A8C6464-A044-4C0B-8ADB-C2F61C3009E5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-515_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5FA66695-A646-4AB9-B128-A3D87C4C8284", "versionEndIncluding": "1.01b04", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-515:a1:*:*:*:*:*:*:*", "matchCriteriaId": "037A3A92-EC1C-41AC-A93A-7319E8E98240", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-615_firmware:10.01b02:*:*:*:*:*:*:*", "matchCriteriaId": "17FD57FF-A596-4151-860C-3F0486CD85F4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-615:j1:*:*:*:*:*:*:*", "matchCriteriaId": "30B14CF6-4239-4BAB-ABA0-284AFDA2C9E8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:dlink:dir-615_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F41E73AD-5615-4084-AC4E-516A934303CA", "versionEndIncluding": "6.06b03", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:dlink:dir-615:fx:*:*:*:*:*:*:*", "matchCriteriaId": "63134C26-FEA9-4EF5-97D9-FEDA14B34516", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1900hp2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A05F11D3-7701-4152-9937-04D7134B4FE6", "versionEndIncluding": "1.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1900hp2:-:*:*:*:*:*:*:*", "matchCriteriaId": "E007A9B5-74FE-4230-9E3E-ACEA89FCABA8", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1900hp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D0DD2168-9BE3-49E8-952D-4775911C04D6", "versionEndIncluding": "2.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1900hp:-:*:*:*:*:*:*:*", "matchCriteriaId": "70FC2B64-D47F-42DF-B9B4-7FB07F98A150", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1800hp4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BCE7372C-DB92-419F-877C-CCE0DC3EBD6C", "versionEndIncluding": "1.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1800hp4:-:*:*:*:*:*:*:*", "matchCriteriaId": "B9BB5205-0D2E-43AF-B228-9C728B404EA3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1800hp3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DBDC178B-2033-47EA-B6CC-99880D5772A2", "versionEndIncluding": "1.5.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1800hp3:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD47CE10-EBD2-49A9-9F1A-B77A502AC196", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1200hs2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "424AB1C2-6C52-4416-8983-53D4BCAA0F80", "versionEndIncluding": "2.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1200hs2:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC88BDE5-19B4-4EF4-8C14-2DEB8EAD3D91", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1200hp3_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7ED15E56-530C-42A3-B3D3-9F1090C524D5", "versionEndIncluding": "1.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1200hp3:-:*:*:*:*:*:*:*", "matchCriteriaId": "F13C13D3-FB31-4E20-A5D4-992D4CF6BBCC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1200hp2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7FDD550-9FDE-4001-933E-51FF4FBDC5AA", "versionEndIncluding": "2.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1200hp2:-:*:*:*:*:*:*:*", "matchCriteriaId": "347DFD5E-56E0-473F-A2B1-E3FD2E99573A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:w1200ex_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "88A2A125-9991-459A-99D2-5158B72372BD", "versionEndIncluding": "1.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:w1200ex:-:*:*:*:*:*:*:*", "matchCriteriaId": "A6D0D008-E851-4756-87E4-5FA60EE65040", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:w1200ex-ms_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C69CCDC3-BB41-45F2-987D-674FAD937F40", "versionEndIncluding": "1.3.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:w1200ex-ms:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBD0A960-9FA2-4838-A867-7AC688749771", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1200hs_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "8C5C80AB-4775-4D46-9FC7-C341CEAB08A0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1200hs:-:*:*:*:*:*:*:*", "matchCriteriaId": "05C494FC-4284-4325-A05C-DDAAF86857F7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wg1200hp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BC81201F-93A7-4B54-A7FE-51E4FD12AE54", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wg1200hp:-:*:*:*:*:*:*:*", "matchCriteriaId": "E80DDB01-BA42-40E1-91A3-EBFCEC3F8A49", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wf800hp_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4D83ABC6-AB7F-494C-B386-EB4212F50C55", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wf800hp:-:*:*:*:*:*:*:*", "matchCriteriaId": "141077D2-4439-44AA-9BD1-C60E253B4C6F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wf300hp2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0EF09945-D1B9-45FF-87DF-1573DB5F51BC", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wf300hp2:-:*:*:*:*:*:*:*", "matchCriteriaId": "514DD5D5-E44F-432E-AE87-25DDA62636AB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:wr8165n_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "08699FDC-5E04-4CF3-9C9A-9231795A6420", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:wr8165n:-:*:*:*:*:*:*:*", "matchCriteriaId": "90FC20CF-70E5-4E50-A383-E24CB0987280", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:w500p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "54E372D5-C699-4ED4-9AB3-326ADC9834BB", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:w500p:-:*:*:*:*:*:*:*", "matchCriteriaId": "C9CC1968-0B25-4324-AB07-688B32770220", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:aterm:w300p_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6B02F690-7098-4C8C-B453-3EC8C01F0343", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:aterm:w300p:-:*:*:*:*:*:*:*", "matchCriteriaId": "A810B81E-8EE7-4F63-9380-7C68CB33B404", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023."}, {"lang": "es", "value": "El servicio SOAP miniigd en Realtek SDK permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de una solicitud NewInternalClient manipulada espec\u00edficamente, como se explot\u00f3 de forma activa hasta 2023."}], "id": "CVE-2014-8361", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 10.0, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2015-05-01T15:59:01.287", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://jvn.jp/en/jp/JVN47580234/index.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://jvn.jp/en/jp/JVN67456944/index.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}, {"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/74330"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-155/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/37169/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://jvn.jp/en/jp/JVN47580234/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://jvn.jp/en/jp/JVN67456944/index.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/132090/Realtek-SDK-Miniigd-UPnP-SOAP-Command-Execution.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/74330"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.zerodayinitiative.com/advisories/ZDI-15-155/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://sensorstechforum.com/hinatabot-cve-2014-8361-ddos/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://web.archive.org/web/20150909230440/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/37169/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}