Zero-Day Advisory
Fortinet Discovers Remote Code Execution Vulnerability in D-Link DIR868
Summary
Fortinet's FortiGuard Labs has discovered an unauthenticated remote code execution vulnerability in the DIR868 routers shipped by the company D-Link.
D-Link manufactures a series of network routers directly competing with Linksys and Asus routers.
A malicious user can forge an authentication request that will trigger an unauthenticated buffer overflow thus allowing remote code execution with higher privileges on the vulnerable devices.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:D-Link.DIR.800.Buffer.Overflow
Released Oct 18, 2017
Upgrade your router to version 1.21.
Acknowledgement
This vulnerability was discovered by Tony Loi of Fortinet's FortiGuard Labs.