CVE-2014-8361

CVSS 9.8 CRITICAL · EPSS 100.0% · KEV
Vexday Risk Score: 100 (Fix now)
SSVC decision (CISA): Act
Exploitation + impact → act immediately
CVSS 9.8 · EPSS 100.0% · KEV: yes · Public PoC · Nuclei · Metasploit: yes · Patch
Lifecycle
05 Jul 2013: Metasploit module available
01 May 2015: Published on NVD
01 Jun 2015: Public PoC
18 Sep 2023: Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

A flaw in the Realtek SDK's miniigd SOAP service lets attackers run any code they want on affected devices by sending a specially crafted request. This is a critical vulnerability that has been actively exploited for years.

Technical detail

The miniigd SOAP service in Realtek SDK is vulnerable to unauthenticated remote code execution through a malformed NewInternalClient SOAP request. The vulnerability requires network access to the SOAP endpoint but no authentication; successful exploitation results in arbitrary code execution with device privileges.

Summary generated and translated by AI from the official description.
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a