Cyber Resilience

CVE-2014-8361

Critical · CISA KEV · Active Exploitation · EUVD Exploited · Public PoC

Published: 01 May 2015

Modified: 22 April 2026
KEV Added: 18 September 2023
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.9402 (99.9th percentile)
Risk Priority: 96 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2014-8361 is a critical-severity vulnerability of unspecified weakness type in D-Link DIR-605L firmware. Its CVSS base score is 9.8 (Critical).

Operationally, it is ranked in the top 0.1% of CVEs by exploit likelihood, CISA has added it to the Known Exploited Vulnerabilities catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-7 (Boundary Protection) and SI-10 (Information Input Validation).

Deeper analysis

The miniigd SOAP service in Realtek SDK is affected by CVE-2014-8361, a remote code execution vulnerability that can be triggered by sending a crafted NewInternalClient request to the service. The flaw carries a CVSS 3.1 base score of 9.8, reflecting network-accessible attack vectors that require no authentication or user interaction and result in complete compromise of confidentiality, integrity, and availability.

Remote attackers can exploit the issue over the network to execute arbitrary code on affected devices. Public records indicate the vulnerability has been exploited in the wild through at least 2023.

Multiple vendor and third-party advisories, including D-Link SAP10055 and Japan Vulnerability Notes JVN47580234 and JVN67456944, document the issue along with related exploit artifacts published on Packet Storm and SecurityFocus.

EU & UK References

Vulnerability details

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.

CWE(s)
KEV Date Added: 18 September 2023

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor | Product | Affected versions
dlink | dir-905l firmware | ≤ 2.05b01
dlink | dir-605l firmware | ≤ 1.14b06 · ≤ 2.07b02 · ≤ 3.03b07
dlink | dir-600l firmware | ≤ 1.15 · ≤ 2.056b06
dlink | dir-619l firmware | ≤ 1.15 · ≤ 2.07b02
dlink | dir-809 firmware | ≤ 1.04b02
dlink | dir-900l firmware | ≤ 1.15b01
realtek | realtek sdk | all versions
dlink | dir-501 firmware | ≤ 1.01b04
dlink | dir-515 firmware | ≤ 1.01b04
dlink | dir-615 firmware | 10.01b02 · ≤ 6.06b03

+16 more product configuration(s); see NVD for the full list.

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent: Directly blocks the crafted NewInternalClient SOAP request that triggers arbitrary code execution in the miniigd service.

prevent: Restricts network-accessible exposure of the unauthenticated miniigd SOAP service, eliminating the remote attack vector.

prevent: Disables or removes the unnecessary miniigd SOAP service entirely, preventing exploitation of the vulnerable Realtek SDK component.

References