CVE-2024-11068
Published 2024-11-11
Priority: P268 · Severity: critical · CVSS 3.1 base score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.17% (63.6th percentile)
The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unauthenticated remote attackers to modify any user’s password by leveraging the API, thereby granting access to Web, SSH, and Telnet services using that user’s account.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| d-link | dsl6740c | — | — |
Detection & IOCs (extracted from sources)
- Internet-exposed D-Link DSL6740C modems are at risk; internet scans have returned tens of thousands of exposed endpoints for this EoL device.
- CVE-2024-11068 affects the D-Link DSL6740C modem (EoL device); no patch will be released by D-Link, and all hardware and firmware revisions are affected.
- Technical exploitation details have been withheld from public disclosure to reduce mass exploitation risk.
No detection rules found.
No public exploits indexed.
## D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
BleepingComputer · Bill Toulas · 2024-11-19
D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that will not be fixed on these devices.
The flaw was discovered and reported to D-Link by security researcher 'delsploit,' but technical details have been withheld from the public to avoid triggering mass exploitation attempts in the wild.
The vulnerability, which does not have a CVE assigned to it yet, impacts all hardware and firmware revisions of DSR-150 and DSR-150N, and also DSR-250 and DSR-250N from firmware 3.13 to 3.17B901C.
These VPN routers, popular in home office and small business settings, were sold internationally and reached their
## D-Link won’t fix critical bug in 60,000 exposed EoL modems
BleepingComputer · Bill Toulas · 2024-11-12 · tagged CVE-2024-11068 [HIGH] · CVSS 7.2
In an advisory today, D-Link announced that it won't fix the issue and recommends "retiring and replacing D-Link devices that have reached EOL/EOS."
Chaio-Lin Yu reported to TWCERTCC two other vulnerabilities, an OS command injection and a path traversal issue:
The three flaws are summarized as follows:
- CVE-2024-11068: Flaw that allows unauthenticated attackers to modify any user’s password through privileged API access, granting them access to the modem’s Web, SSH, and Telnet services. (CVSS v3 score: 9.8 “critical”).
- CVE-2024-11067: Path traversal vulnerability allowing unauthenticated attackers to read arbitrary system files, retrieve the device’s MAC address, and attempt login using the default