WARNING: D-LINK PRIVILEGE ESCALATION VULNERABILITY, REPLACE IMMEDIATELY!
CVE-2024-11068: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVE-2024-11067: CVSS 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Sources
NVD
Risks
The D-Link DSL6740C modem has two critical vulnerabilities that allow unauthenticated remote attackers to modify user passwords, gain unauthorized access to services (Web, SSH, Telnet), and read arbitrary system files. The default password generation mechanism further amplifies the risk.
Description
Attackers can exploit API misuse to reset passwords (CVE-2024-11067) and use path traversal (CVE-2024-11068) to access system files and default passwords, enabling unauthorized access to the device.
Recommended actions
The affected devices no longer support updates. Because no fix can be applied, the Centre for Cybersecurity Belgium strongly recommends replacing them.
Monitor/Detect
The CCB recommends that organizations scale up their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
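As an added illustration of the monitoring recommendation above (this is example code written for this page, not part of the CCB advisory or any D-Link tooling), the following scans web-server access logs for the path-traversal indicators that CVE-2024-11068 class issues leave behind: dot-dot sequences, requests for well-known system files, and percent-encoding used to disguise them. The log format and every request path in it are constructed for the example; the DSL6740C's real endpoints are not on this page and are not assumed.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Common Log Format). The paths are
# illustrative only and do not reflect the modem's actual URL layout.
SAMPLE_LOG = """\
192.0.2.10 - - [10/Nov/2024:12:00:01 +0000] "GET /index.html HTTP/1.1" 200 512
192.0.2.10 - - [10/Nov/2024:12:00:02 +0000] "GET /cgi/download?file=../../etc/passwd HTTP/1.1" 200 1024
198.51.100.7 - - [10/Nov/2024:12:00:03 +0000] "GET /cgi/download?file=%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 200 900
198.51.100.7 - - [10/Nov/2024:12:00:04 +0000] "GET /cgi/download?file=%252e%252e%252fetc%252fpasswd HTTP/1.1" 200 900
203.0.113.5 - - [10/Nov/2024:12:00:05 +0000] "GET /img/logo.png HTTP/1.1" 200 2048
"""

# Common Log Format; the "path" group includes the query string on purpose,
# because traversal payloads often travel in a parameter value.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) (?P<proto>[^"]+)" (?P<status>\d{3}) (?P<size>\S+)'
)

# "../" or a trailing ".." after normalisation.
TRAVERSAL_RE = re.compile(r'\.\.(?:/|$)')
# File names an unauthenticated client has no business reading on an embedded device.
SENSITIVE_RE = re.compile(r'/etc/(?:passwd|shadow)|/proc/|\.conf\b', re.IGNORECASE)


def normalize_path(raw):
    """Percent-decode repeatedly (at most 3 rounds) so that double-encoded
    payloads such as %252e%252e%252f collapse to '../', then treat
    backslashes as forward slashes."""
    decoded = raw
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")


def classify(path):
    """Return the list of reasons a request path looks like traversal (empty if benign)."""
    norm = normalize_path(path)
    reasons = []
    if TRAVERSAL_RE.search(norm):
        reasons.append("dot-dot traversal")
    if SENSITIVE_RE.search(norm):
        reasons.append("sensitive file name")
    # Only call out encoding when it actually hid something suspicious.
    if norm != path and reasons:
        reasons.append("encoding evasion")
    return reasons


def scan_log(text):
    """Parse each log line and collect the ones that trip a traversal indicator."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        reasons = classify(m["path"])
        if reasons:
            hits.append({
                "ip": m["ip"],
                "path": m["path"],
                "status": int(m["status"]),
                "reasons": reasons,
            })
    return hits


def suspicious_sources(hits):
    """Count flagged requests per client address, a quick way to prioritise triage."""
    counts = {}
    for h in hits:
        counts[h["ip"]] = counts.get(h["ip"], 0) + 1
    return counts


if __name__ == "__main__":
    found = scan_log(SAMPLE_LOG)
    for h in found:
        print(f'{h["ip"]} {h["status"]} {h["path"]} -> {", ".join(h["reasons"])}')
    print("per-source counts:", suspicious_sources(found))
```

A 200 response on a flagged request is the combination worth escalating, since it suggests the device served the file rather than rejecting the path; on a device that cannot be patched, such a hit is a reason to treat the unit as compromised and replace it rather than only block the source address.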
References
CERT Taiwan - https://www.twcert.org.tw/en/cp-139-8234-0514c-2.html
CVE Details - https://www.cvedetails.com/cve/CVE-2024-11068/