The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.
Metrics
Affected Vendors & Products
References
History
Sun, 24 Nov 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Fri, 15 Nov 2024 18:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dlink dsl6740c
|
|
CPEs | cpe:2.3:h:dlink:dsl6740c:-:*:*:*:*:*:*:* cpe:2.3:o:dlink:dsl6740c_firmware:-:*:*:*:*:*:*:* |
|
Vendors & Products |
Dlink dsl6740c
|
Tue, 12 Nov 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Dlink
Dlink dsl6740c Firmware |
|
CPEs | cpe:2.3:o:dlink:dsl6740c_firmware:*:*:*:*:*:*:*:* | |
Vendors & Products |
Dlink
Dlink dsl6740c Firmware |
|
Metrics |
ssvc
|
Mon, 11 Nov 2024 08:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account. | |
Title | D-Link DSL6740C - Incorrect Use of Privileged APIs | |
Weaknesses | CWE-648 | |
References |
| |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2024-11-11T08:05:18.980Z
Updated: 2024-11-24T14:51:21.810Z
Reserved: 2024-11-11T02:23:40.129Z
Link: CVE-2024-11068
Vulnrichment
Updated: 2024-11-24T14:51:21.810Z
NVD
Status : Modified
Published: 2024-11-11T08:15:08.850
Modified: 2024-11-24T15:15:06.707
Link: CVE-2024-11068
Redhat
No data.