Zero-Day Advisory
Fortinet Discovers Remote Code Execution Vulnerability in D-Link DIR868
Summary
Fortinet's FortiGuard Labs has discovered an unauthenticated remote code execution vulnerability in the DIR868 routers shipped by the company D-Link.
D-Link manufactures a series of network routers directly competing with Linksys and Asus routers.
A malicious user can forge an authentication request that will trigger an unauthenticated buffer overflow thus allowing remote code execution with higher privileges on the vulnerable devices.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:D-Link.DIR.800.Buffer.Overflow
Released Oct 18, 2017
Upgrade to version 1.21.
Timeline
Fortinet reported the vulnerability to D-Link on August 25, 2017.
D-Link confirmed the vulnerability on November 23, 2017.
D-Link patched the vulnerability on February 8, 2018.