CVE-2018-10823

HIGH · EXPLOITED IN THE WILD · NUCLEI

D-Link DWR-116 < 1.06, DWR-512/DWR-712/DWR-912/DWR-921 < 2.02, DWR-111 < 1.01 - OS Command Injection via chkisg.htm

Title source: llm

Exploitation Summary

CVE-2018-10823 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io). EIP tracks 1 public exploit from researchers including Blazej Adamczyk. A Nuclei detection template is also available.

AI-analyzed exploit summary: This exploit demonstrates a shell command injection vulnerability in D-Link routers via the chkisg.htm page's Sip parameter. An authenticated attacker can execute arbitrary commands, such as reading the passwd file, by injecting shell commands into the URL.

Description

An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. An authenticated attacker may execute arbitrary code by injecting a shell command into the Sip parameter of the chkisg.htm page. This allows full control over the device internals.

Exploits (1)

exploitdb WORKING POC
by Blazej Adamczyk · webapps, hardware
https://www.exploit-db.com/exploits/45676

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01
Auth required
Prerequisites: Authenticated access to the router's web interface
devstral-2 · analyzed Feb 16, 2026

Nuclei Templates (1)

D-Link Routers - Remote Command Injection
HIGH by wisnupramoedya

References (2)

Core References
Exploit, Mailing List, Third Party Advisory mailing-list x_refsource_fulldisc
https://seclists.org/fulldisclosure/2018/Oct/36
Exploit, Third Party Advisory x_refsource_misc
http://sploit.tech/2018/10/12/D-Link.html

Scores

CVSS v3: 8.8
EPSS: 0.9394
EPSS Percentile: 99.9%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV: 2021-01-14
InTheWild.io: 2018-10-19
CWE: CWE-78
Status: published
Products (4)
dlink/dwr-111_firmware < 1.01
dlink/dwr-116_firmware < 1.06
dlink/dwr-512_firmware < 2.02
dlink/dwr-912_firmware < 2.02
Published: Oct 17, 2018
Tracked Since: Feb 18, 2026