【Vulnerability Alert】High-Risk Security Vulnerability in D-Link DSL6740C Modem (CVE-2024-11068)
publish date :
2024-11-14
update date :
2024-11-21
Source: Ministry of education information & communication security contingency platform
| Publication Number | TACERT-ANA-2024111311110707 | Publication Time | 2024/11/13 00:00 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2024/11/13 00:00 |
| Impact Level | Medium | ||
| [Subject] 【Vulnerability Alert】High-Risk Security Vulnerability in D-Link DSL6740C Modem (CVE-2024-11068) |
|||
| [Content] Forwarded from TWCERTCC-200-202411-00000002 A vulnerability in the D-Link DSL6740C modem, classified as ""Incorrect Use of Privileged APIs"", has been identified. This flaw allows unauthorized remote attackers to modify the password of any user via specific APIs, subsequently enabling access to Web, SSH, and Telnet services with the compromised credentials. Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
| [Affected Platform] DSL6740C |
|||
| [Recommended Actions] As the affected device is no longer supported for updates, replacement of the device is strongly recommended. |
|||
| [Reference] https://www.twcert.org.tw/tw/cp-132-8227-f3f3b-1.html |
|||
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer:
Computer Center
