The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/en/cp-139-8234-0514c-2.html | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-8227-f3f3b-1.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
15 Nov 2024, 18:24
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.twcert.org.tw/en/cp-139-8234-0514c-2.html - Third Party Advisory | |
References | () https://www.twcert.org.tw/tw/cp-132-8227-f3f3b-1.html - Third Party Advisory | |
First Time |
Dlink dsl6740c Firmware
Dlink Dlink dsl6740c |
|
CPE | cpe:2.3:o:dlink:dsl6740c_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:dlink:dsl6740c:-:*:*:*:*:*:*:* |
12 Nov 2024, 13:55
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
11 Nov 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-11 08:15
Updated : 2024-11-15 18:24
NVD link : CVE-2024-11068
Mitre link : CVE-2024-11068
CVE.ORG link : CVE-2024-11068
JSON object : View
Products Affected
dlink
- dsl6740c
- dsl6740c_firmware
CWE
CWE-648
Incorrect Use of Privileged APIs