CVE-2014-8361
Realtek SDK Improper Input Validation Vulnerability
CVSS
—
No CVSS
EPSS
100.0%
p100
KEV
YES
Sep 18, 2023
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Realtek / SDK
Vulnerability
Realtek SDK Improper Input Validation Vulnerability
Added to KEV
Sep 18, 2023
Remediate by
Oct 9, 2023
Known ransomware use
No
Summary description
Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request.
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notes
https://web.archive.org/web/20150831100501/http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10055; https://nvd.nist.gov/vuln/detail/CVE-2014-8361
No related CVEs by CWE or product.