CVE-2014-8361 is a vulnerability in Realtek Sdk
Published on May 1, 2015
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
Known Exploited Vulnerability
This Realtek SDK Improper Input Validation Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request.
The following remediation steps are recommended / required by October 9, 2023: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Vulnerability Analysis
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2014-8361
You can be notified by stack.watch whenever vulnerabilities like CVE-2014-8361 are published in these products:
What versions of Realtek Sdk are vulnerable to CVE-2014-8361?
Each of the following must match for the vulnerability to exist.
Each of the following must match for the vulnerability to exist.
Each of the following must match for the vulnerability to exist.
-
Realtek Sdk
Version -
Each of the following must match for the vulnerability to exist.
Each of the following must match for the vulnerability to exist.