Intrusion PreventionD-Link.Central.WiFiManager.FTP.Server.PHP.File.Upload
Description
This indicates an attack attempt to exploit an Code Execution Vulnerability in D-Link Central WiFiManager.
The vulnerability is due to hard-coded credentials in the FTP server. A remote attacker can exploit this to upload and execute arbitrary php code on affected devices.
Affected Products
D-Link Central WiFi Manager before v 1.03r0100-Beta1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's advisory for updates:
https://securityadvisories.dlink.com/announcement/publication.aspx?name=SAP10092
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-06-06 | 14.627 | Severity:high:critical |
| 2018-11-29 | 13.500 | Default_action:pass:drop |
| 2018-11-16 | 13.492 | Modified |
| 2018-11-07 | 13.486 |
References
https://www.exploit-db.com/exploits/45533/| ID | 47053 |
| Created | Nov 07, 2018 |
| Updated | Jun 06, 2022 |
| Risk |
|
| CVE ID | CVE-2018-17443 CVE-2018-17442 CVE-2018-17441 CVE-2018-17440 |
| Exploit Prediction Score | 0.68% |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Other |