PT-2024-8173 · D Link · D-Link Dsl6740C
Chiao-Lin Yu
+1
·
Published
2024-11-11
·
Updated
2024-11-15
·
CVE-2024-11064
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
D-Link DSL6740C modem (affected versions not specified)
Description:
The D-Link DSL6740C modem has an OS Command Injection issue, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and
Telnet. This vulnerability is related to the implementation of SSH and Telnet protocols in the modem's firmware, which fails to neutralize special elements used in the operating system command.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
D-Link Dsl6740C