CVERadar

CVE-2024-11068

Medium Severity
Dlink
SVRS: 30/100
CVSSv3: NA/10
EPSS: 0.00192/1

CVE-2024-11068: D-Link modem vulnerability allows unauthorized password modification. This flaw enables remote attackers to change user passwords on D-Link DSL6740C modems without authentication. The Incorrect Use of Privileged APIs (CWE-648) permits gaining access to Web, SSH, and Telnet services using the compromised user accounts. While the CVSS score is 0, SOCRadar's SVRS of 30 indicates a moderate risk. Successful exploitation could lead to complete system compromise. This is a significant security concern for users of the D-Link DSL6740C. Immediate patching or mitigation is advisable to prevent unauthorized access.

In The Wild
2024-11-11

2024-11-15
SOCRadar AI Insight

Description

CVE-2024-11068 affects the D-Link DSL6740C modem and is an Incorrect Use of Privileged APIs vulnerability (CWE-648). It allows unauthenticated remote attackers to modify any user's password through the API, granting them access to Web, SSH, and Telnet services using the compromised account. While the CVSS score is high (9.8), the SOCRadar Vulnerability Risk Score (SVRS) is 40, indicating a moderate risk level requiring attention and mitigation.

Key Insights

  • High Impact: Successful exploitation of this vulnerability could grant attackers full control over the modem and the network it connects to, potentially enabling data theft, malware installation, and denial-of-service attacks.
  • Remote Exploitation: This vulnerability can be exploited remotely without the need for any prior access or authentication, making it easier for attackers to exploit.
  • Unpatched Devices: The vulnerability affects D-Link DSL6740C modems, and users need to ensure their devices are updated to the latest firmware version to patch the vulnerability.
  • No Known Exploitation: Currently, there are no known active exploits or threat actors targeting this vulnerability. However, the simplicity of the exploit and the potential impact make it a significant security concern.

Mitigation Strategies

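  1. Firmware Update: Immediately update the D-Link DSL6740C modems to the latest firmware version, which should contain the necessary patch to address the vulnerability. The news coverage listed on this page reports that the device is end-of-life and that D-Link says it won't patch it and recommends upgrading the hardware, so confirm that a fixed firmware actually exists before relying on this step.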
  2. Change Default Credentials: Change the default credentials of the modem to strong, unique passwords and enable two-factor authentication if possible.
  3. Network Segmentation: Implement network segmentation to isolate the modem from other critical systems and limit the impact of a potential compromise.
  4. Regular Security Audits: Regularly perform security audits of the modem and network infrastructure to identify and address any potential vulnerabilities.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

News

D-Link says it won't patch 60,000 older modems, as they're not worth saving
techradar.com, 2024-11-13
The D-Link modems are carrying critical flaws that allow for device takeover. Security researchers find critical flaws in modems reaching End of Life. D-Link says it won't patch them, and recommends upgrading the hardware. There are some 60,000 vulnerable devices.

Thousands of EOL D-Link Routers Vulnerable to Password Change Attacks
gbhackers.com, Divya, 2024-11-13
In a critical security disclosure, it has been revealed that thousands of end-of-life (EOL) D-Link DSL-6740C routers are vulnerable to password change attacks. The vulnerability tracked as CVE-2024-11068 has been rated as critical by the TWCERT/CC, with an alarming CVSS score of 9.8. The affected routers, no longer supported by D-Link as of January 15, 2024, are […]

CVE-2024-11068 | D-Link DSL6740C Web/SSH/Telnet incorrect privileged apis
vuldb.com, 2024-11-11
A vulnerability was found in D-Link DSL6740C. It has been classified as very critical. Affected is an unknown function of the component Web/SSH/Telnet. The manipulation leads to incorrect use of privileged apis. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is traded as CVE-2024-11068

Social Media

🚨 CVE Alert: Critical D-Link Incorrect Use of Privileged APIs vulnerability 🚨 Vulnerability Details: CVE-2024-11068 (CVSS 9.8/10) D-Link Incorrect Use of Privileged APIs vulnerability. Impact: A successful exploit may allow unauthenticated attackers to remotely modify any https://t.co/mtPpsxqd7R

CVE-2024-11068 (CVSS 9.8): Critical D-Link DSL-6740C Flaw, Immediate Replacement Advised. Stay informed about the security risks associated with the D-Link DSL-6740C modem. Discover the vulnerabilities and how they can expose you to remote attacks. https://t.co/fps60AtL9u

🗣 CVE-2024-11068 (CVSS 9.8): Critical D-Link DSL-6740C Flaw, Immediate Replacement Advised https://t.co/mGi9f6EXuB

[CVE-2024-11068: CRITICAL] D-Link DSL6740C modem vulnerable to remote attacks, allowing unauthorized password modifications through Privileged APIs, risking access to Web, SSH, and Telnet services. #cybersecurity, #vulnerability https://t.co/ESwtNIeOXd https://t.co/g2uQhX7SAR

Affected Software

Configuration 1
| Type | Vendor | Product |
|------|--------|---------|
| OS | Dlink | dsl6740c_firmware |

References

| Reference | Link |
|-----------|------|
| [email protected] | https://www.twcert.org.tw/en/cp-139-8234-0514c-2.html |
| [email protected] | https://www.twcert.org.tw/tw/cp-132-8227-f3f3b-1.html |

CWE Details

| CWE ID | CWE Name | Description |
|--------|----------|-------------|
| CWE-648 | Incorrect Use of Privileged APIs | The application does not conform to the API requirements for a function call that requires extra privileges. This could allow attackers to gain privileges by causing the function to be called incorrectly. |
