CVE-2024-11062

Published Nov 11, 2024

Last updated 2 days ago

CVSS high 7.2

Overview

Description
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
Source
twcert@cert.org.tw
NVD status
Analyzed
CNA Tags
unsupported-when-assigned

Risk scores

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

twcert@cert.org.tw
CWE-78

Social media

Hype score
Not currently trending

  1. 🚨🚨D-Link DSL-6740C Modem Exposed to Multiple Security Vulnerabilities CVE-2024-11068 (CVSS 9.8): Incorrect Use of Privileged APIs CVE-2024-11067 (CVSS 7.5): Arbitrary File Reading through Path Traversal CVE-2024-11062, 11063, 11064, 11065 , 11066(CVSS 7.2): OS Command Injection

    @zoomeye_team

    12 Nov 2024

    386 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-11062 Remote Command Injection Vulnerability in D-Link DSL6740C Modem The D-Link DSL6740C modem has a security flaw called OS Command Injection. It lets remote attackers with admin rights run any system ... https://t.co/hMSog8IA0t

    @VulmonFeeds

    11 Nov 2024

    40 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-11062 The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system co… https://t.co/q7RNLqBd8X

    @CVEnew

    11 Nov 2024

    476 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References