

An Emerging Ducktail Infostealer – Active IOCs
November 12, 2024
Amazon Confirms Breach of Employee Data Following Vendor Intrusion
November 12, 2024
Severity
High
Analysis Summary
CVE-2024-11068 CVSS:9.8
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.
CVE-2024-11067 CVSS:7.5
The D-Link DSL6740C modem could allow a remote attacker to traverse directories on the system, caused by improper validation of user-supplied requests. An attacker could send a specially crafted URL request to the root/run/adm.php script containing "dot dot" sequences (/../) in the efile parameter to create arbitrary files on the system.
CVE-2024-11066 CVSS:7.2
The D-Link DSL6740C modem could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in an unspecified web page. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-11065 CVSS:7.2
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
CVE-2024-11063 CVSS:7.2
The D-Link DSL6740C modem could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a command injection flaw in the SSH and Telnet components. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-11064 CVSS:7.2
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
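For CVE-2024-11067, one way to hunt for the described traversal pattern in web access logs, given as an added example that is not part of the original advisory or any D-Link code. It assumes combined-format log lines are available (for instance from an upstream proxy); the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Request line inside a combined-format log entry: "METHOD target HTTP/x.y" (assumed format)
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
SCRIPT_PATH = "root/run/adm.php"  # script path as written in the advisory
PARAM = "efile"                   # parameter named in the advisory

def fully_decode(value, max_rounds=5):
    """Percent-decode repeatedly so single- and double-encoded input normalise alike."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def has_traversal(value):
    """True if any path segment equals '..' after decoding (slash or backslash separated)."""
    return ".." in re.split(r"[/\\]+", fully_decode(value))

def suspicious_requests(log_lines):
    """Return (line_number, method, decoded efile value) for each traversal attempt."""
    hits = []
    for lineno, line in enumerate(log_lines, start=1):
        m = REQUEST_RE.search(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if not fully_decode(url.path).lower().endswith(SCRIPT_PATH):
            continue
        for key, value in parse_qsl(url.query, keep_blank_values=True):
            if key.lower() == PARAM and has_traversal(value):
                hits.append((lineno, m.group("method"), fully_decode(value)))
    return hits

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Nov/2024:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.44 - - [12/Nov/2024:10:00:07 +0000] "GET /root/run/adm.php?efile=../../tmp/constructed.txt HTTP/1.1" 200 0',
    '192.0.2.44 - - [12/Nov/2024:10:00:09 +0000] "GET /root/run/adm.php?efile=%252e%252e%252ftmp%252fconstructed.txt HTTP/1.1" 200 0',
    '192.0.2.15 - - [12/Nov/2024:10:00:12 +0000] "GET /root/run/adm.php?efile=report..v2.txt HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

The check splits on path separators instead of searching for the substring `..`, so a file name such as `report..v2.txt` is not flagged while double-encoded sequences are.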
Impact
- Gain Access
Indicators of Compromise
CVE
- CVE-2024-11068
- CVE-2024-11067
- CVE-2024-11066
- CVE-2024-11065
- CVE-2024-11063
- CVE-2024-11064
Affected Vendors
Affected Products
- D-Link DSL6740C - 0
- D-Link DSL6740C
Remediation
Refer to D-Link Security Advisory for patch, upgrade, or suggested workaround information.