CVE-2024-11064OS Command Injection in D-link Dsl6740c

CWE-78OS Command Injection3 documents3 sources
Severity
7.2HIGHNVD
EPSS
0.9%
top 25.02%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
D-link Dsl6740c
Timeline
PublishedNov 11

Description

The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages1 packages

CVEListV5d-link/dsl6740c0

🔴Vulnerability Details

2
GHSA
GHSA-pm76-x9fx-5pr6: The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arb2024-11-11
CVEList
D-Link DSL6740C - OS Command Injection2024-11-11
CVE-2024-11064 — OS Command Injection in D-link | cvebase