The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through the specific web page.
History

Sun, 24 Nov 2024 15:30:00 +0000


Fri, 15 Nov 2024 18:45:00 +0000

Type Values Removed Values Added
First Time appeared Dlink dsl6740c
CPEs cpe:2.3:h:dlink:dsl6740c:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl6740c_firmware:-:*:*:*:*:*:*:*
Vendors & Products Dlink dsl6740c

Tue, 12 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
First Time appeared Dlink
Dlink dsl6740c Firmware
CPEs cpe:2.3:o:dlink:dsl6740c_firmware:*:*:*:*:*:*:*:*
Vendors & Products Dlink
Dlink dsl6740c Firmware
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Mon, 11 Nov 2024 08:00:00 +0000

Type Values Removed Values Added
Description The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through the specific web page.
Title D-Link DSL6740C - OS Command Injection
Weaknesses CWE-78
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}


cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published: 2024-11-11T07:49:38.566Z

Updated: 2024-11-24T14:50:34.900Z

Reserved: 2024-11-11T02:23:36.179Z

Link: CVE-2024-11066

cve-icon Vulnrichment

Updated: 2024-11-24T14:50:34.900Z

cve-icon NVD

Status : Modified

Published: 2024-11-11T08:15:07.730

Modified: 2024-11-24T15:15:06.387

Link: CVE-2024-11066

cve-icon Redhat

No data.