go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

D-Link DSL6740C - OS Command Injection

TVN ID TVN-202411007
CVE ID CVE-2024-11062
CVSS 7.2 (High)
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products DSL6740C
Description The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
Solution The affected devices are no longer supported for updates. It is recommended to replace the devices.
Credit Chiao-Lin Yu (Steven Meow)
Public Date 2024-11-11
Top