CVE-2024-11062

CWE-78OS Command Injection3 documents3 sources
Severity
7.2HIGH
EPSS
0.9%
top 25.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
D-link Dsl6740c
Timeline
PublishedNov 11

Description

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages1 packages

CVEListV5d-link/dsl6740c0

🔴Vulnerability Details

2
GHSA
GHSA-3pg4-7fgq-vhrc: The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arb2024-11-11
CVEList
D-Link DSL6740C - OS Command Injection2024-11-11
CVE-2024-11062 (HIGH CVSS 7.2) | The D-Link DSL6740C modem has an OS | cvebase.io