go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

D-Link DSL6740C - Incorrect Use of Privileged APIs

TVN ID TVN-202411013
CVE ID CVE-2024-11068
CVSS 9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products DSL6740C
Description The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.
Solution The affected devices are no longer supported for updates. It is recommended to replace the devices.
Credit Chiao-Lin Yu (Steven Meow)
Public Date 2024-11-11
Top