
WARNING: D-LINK PRIVILEGE ESCALATION VULNERABILITY, REPLACE IMMEDIATELY!

Reference: 
Advisory #2024-260
Version: 
1.0
Affected software: 
D-Link DSL6740C modem
Type: 
Privilege Escalation
CVE/CVSS: 

CVE-2024-11068: CVSS 9.8(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVE-2024-11067: CVSS 7.5(CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

Sources

NVD

Risks

The D-Link DSL6740C modem has two critical vulnerabilities that allow unauthenticated remote attackers to modify user passwords, gain unauthorized access to services (Web, SSH, Telnet), and read arbitrary system files. The default password generation mechanism further amplifies the risk.

Description

Attackers can exploit API misuse to reset passwords (CVE-2024-11067) and use path traversal (CVE-2024-11068) to access system files and default passwords, enabling unauthorized access to the device.

Recommended actions

The affected devices no longer receive updates, so there is no vendor fix for these vulnerabilities.

The Centre for Cybersecurity Belgium therefore strongly recommends replacing the affected devices.

Monitor/Detect

The CCB recommends that organizations scale up their monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.

In case of an intrusion, you can report an incident via: https://ccb.belgium.be/en/cert/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
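As an added example (not part of the CCB advisory and not code from D-Link), the following script illustrates the kind of detection the Monitor/Detect section asks for: it scans web access logs from a device's management interface for path-traversal attempts of the class described under CVE-2024-11068, including single and double percent-encoded forms, and flags requests that returned HTTP 200 as the ones most likely to have succeeded. The log lines, IP addresses and request paths are constructed for the example; the endpoints shown are placeholders, not the DSL6740C's real URLs.

```python
"""Flag path-traversal attempts in web access logs (constructed example)."""
import re
from urllib.parse import unquote

# Constructed sample access-log lines in Common Log Format. The request paths
# are illustrative placeholders, not the D-Link DSL6740C's actual endpoints.
SAMPLE_LOG = """\
203.0.113.5 - - [12/Nov/2024:10:01:02 +0100] "GET /index.html HTTP/1.1" 200 512
203.0.113.7 - - [12/Nov/2024:10:01:09 +0100] "GET /cgi-bin/download?file=../../etc/passwd HTTP/1.1" 200 1024
203.0.113.7 - - [12/Nov/2024:10:01:15 +0100] "GET /cgi-bin/download?file=..%2f..%2fetc%2fshadow HTTP/1.1" 200 980
203.0.113.9 - - [12/Nov/2024:10:02:30 +0100] "GET /static/..%252f..%252fconfig.xml HTTP/1.1" 404 120
198.51.100.2 - - [12/Nov/2024:10:03:00 +0100] "GET /docs/a..b/readme.txt HTTP/1.1" 200 300
"""

# Minimal Common Log Format parser: client IP, timestamp, method, target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)


def fully_decode(s: str, max_rounds: int = 3) -> str:
    """Undo repeated percent-encoding so double-encoded sequences such as
    %252f (-> %2f -> /) are seen in their final form."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def is_traversal(target: str) -> bool:
    """True if the URL path or any query-string value, after decoding,
    contains a '..' segment, i.e. tries to climb above its root directory."""
    decoded = fully_decode(target).replace("\\", "/")  # treat backslashes as separators
    path, _, query = decoded.partition("?")
    candidates = [path] + [kv.partition("=")[2] for kv in query.split("&") if kv]
    # Compare whole segments so names like 'a..b' are not false positives.
    return any(".." in candidate.split("/") for candidate in candidates)


def scan_log(text: str) -> list:
    """Return one finding per suspicious request: who, when, what, and whether
    the server answered 200 (the case that warrants incident handling)."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or not is_traversal(m["target"]):
            continue
        findings.append({
            "ip": m["ip"],
            "ts": m["ts"],
            "target": fully_decode(m["target"]),
            "status": int(m["status"]),
            "likely_success": m["status"] == "200",
        })
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Because these devices will never be patched, a hit with `likely_success` set should be treated as a possible compromise of the modem rather than as a blocked probe: the device should be isolated and replaced, and credentials reachable from it rotated.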

References

CERT Taiwan - https://www.twcert.org.tw/en/cp-139-8234-0514c-2.html

CVE Details - https://www.cvedetails.com/cve/CVE-2024-11068/