D-Link DSL6740C Modem Exposed to OS Command Injection Attacks

CVE-2024-11065
7.2HIGH

Key Information

Vendor
D-link
Status
Dsl6740c
Vendor
CVE Published:
11 November 2024

Summary

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

Affected Version(s)

DSL6740C = 0

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability Reserved.

  • Vulnerability published.

Collectors

NVD DatabaseMitre Database
.