CVEDB API

Vulnerabilities

Vulnerable Software

Dlink: >> Dsl6740c Firmware Security Vulnerabilities

CVE-2024-11067

The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to read arbitrary system files. Additionally, since the device's default password is a combination of the MAC address, attackers can obtain the MAC address through this vulnerability and attempt to log in to the device using the default password.

CVSS Score

7.5

EPSS Score

0.003

Published

2024-11-11

CVE-2024-11068

The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.

CVSS Score

9.8

EPSS Score

0.004

Published

2024-11-11

CVE-2024-11065

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

CVSS Score

7.2

EPSS Score

0.008

Published

2024-11-11

CVE-2024-11066

CVSS Score

7.2

EPSS Score

0.008

Published

2024-11-11

CVE-2024-11063

CVSS Score

7.2

EPSS Score

0.008

Published

2024-11-11

CVE-2024-11064

CVSS Score

7.2

EPSS Score

0.008

Published

2024-11-11

CVE-2024-11062

CVSS Score

7.2

EPSS Score

0.008

Published

2024-11-11

Page 1

Vulnerabilities

Vulnerable Software

Dlink: >> Dsl6740c Firmware Security Vulnerabilities

Products

Pricing

Contact Us