go to Content

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center



D-Link DSL-7740C - Command Injection

TVN ID TVN-202005001
Public Date 2020-07-22
Affected Products DSL-7740C DSL7740C.V6.TR069.20180723
Description D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command.
CVE ID CVE-2020-12774
Solution Contact the manufacturer to update device firmware.
Credit Wei-Xiang Wang