CVE-2024-11064

Published Nov 11, 2024

Last updated 2 days ago

CVSS high 7.2

Overview

Description
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system commands through a specific functionality provided by SSH and Telnet.
Source
twcert@cert.org.tw
NVD status
Analyzed
CNA Tags
unsupported-when-assigned

Risk scores

CVSS 3.1

Type
Primary
Base score
7.2
Impact score
5.9
Exploitability score
1.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

twcert@cert.org.tw
CWE-78

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2024-11064 (Published: 2024-11-11) - A high-severity vulnerability affects D-Link products. Ensure your devices are updated to the latest firmware to mitigate risks. Check the official advisory for detailed remediation steps: https://t.co/GZCWE8Qo3V #CyberSecurity #DLink

    @transilienceai

    15 Nov 2024

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-11064 OS Command Injection Exploit in D-Link DSL6740C Modem The D-Link DSL6740C modem has an OS Command Injection problem. Remote attackers with admin rights can inject and run any system commands. This ... https://t.co/iVniAoelvS

    @VulmonFeeds

    11 Nov 2024

    34 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2024-11064 The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers with administrator privileges to inject and execute arbitrary system co… https://t.co/5qRpjO9iyv

    @CVEnew

    11 Nov 2024

    398 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References