CVE-2024-11062

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dsl6740c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl6740c:-:*:*:*:*:*:*:*

History

15 Nov 2024, 18:21

Type Values Removed Values Added
CPE cpe:2.3:h:dlink:dsl6740c:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl6740c_firmware:-:*:*:*:*:*:*:*
First Time Dlink dsl6740c
Dlink dsl6740c Firmware
Dlink
References () https://www.twcert.org.tw/en/cp-139-8228-1fbb0-2.html - () https://www.twcert.org.tw/en/cp-139-8228-1fbb0-2.html - Third Party Advisory
References () https://www.twcert.org.tw/tw/cp-132-8221-601c3-1.html - () https://www.twcert.org.tw/tw/cp-132-8221-601c3-1.html - Third Party Advisory

12 Nov 2024, 13:55

Type Values Removed Values Added
Summary
  • (es) El módem D-Link DSL6740C tiene una vulnerabilidad de inyección de comandos del sistema operativo, que permite a atacantes remotos con privilegios de administrador inyectar y ejecutar comandos de sistema arbitrarios a través de una funcionalidad específica proporcionada por SSH y Telnet.

11 Nov 2024, 08:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-11-11 08:15

Updated : 2024-11-15 18:21


NVD link : CVE-2024-11062

Mitre link : CVE-2024-11062

CVE.ORG link : CVE-2024-11062


JSON object : View

Products Affected

dlink

  • dsl6740c_firmware
  • dsl6740c
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')