← volver
CVE-2024-11068

D-Link DSL6740C - Incorrect Use of Privileged APIs

CVSS 9.8 CRITICALEPSS 1.2%CWE-648
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
D-Link · DSL6740C

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.bleepingcomputer.com/news/security/d-link-wont-fix-critical-bug-in-60-000-exposed-eol-modems/https://www.twcert.org.tw/en/cp-139-8234-0514c-2.htmlhttps://www.twcert.org.tw/tw/cp-132-8227-f3f3b-1.html