CVE-2024-11068 (CVSS 9.8): Critical D-Link DSL-6740C Flaw, Immediate Replacement Advised
TWCERT/CC has issued multiple security advisories for the D-Link DSL-6740C modem, revealing a range of severe vulnerabilities that could expose users to remote attacks.
The modem, which is no longer supported with security updates, suffers from a variety of flaws, including:
- CVE-2024-11068 (CVSS 9.8): Incorrect Use of Privileged APIs: This critical vulnerability allows unauthenticated attackers to remotely modify any user’s password, granting them access to web, SSH, and Telnet services.
- CVE-2024-11067 (CVSS 7.5): Arbitrary File Reading through Path Traversal: This vulnerability enables attackers to read arbitrary system files, including potentially sensitive information. Furthermore, attackers can exploit this flaw to obtain the device’s MAC address, which can be used to guess the default password and gain full control.
- CVE-2024-11066, CVE-2024-11062, CVE-2024-11063, CVE-2024-11064, CVE-2024-11065 (CVSS 7.2): OS Command Injection: These multiple vulnerabilities allow attackers with administrator privileges to inject and execute arbitrary commands on the device, potentially leading to complete system compromise.
Urgent Action Required
Due to the severity of these vulnerabilities and the lack of available security updates, TWCERT/CC strongly recommends immediate replacement of the D-Link DSL-6740C modem. Continuing to use this device poses significant security risks, including:
- Data Breaches: Attackers could steal sensitive personal information or confidential data.
- Network Takeover: Compromised devices could be used to launch attacks on other devices within the network.
- Device Hijacking: Attackers could take complete control of the modem and use it for malicious purposes.
Mitigation Strategies
While replacement is the most effective solution, users who are unable to immediately replace their devices should consider the following mitigation measures:
- Firewall Protection: Implement a strong firewall to block unauthorized access to the modem.
- Strong Passwords: Change default passwords and use strong, unique passwords for all accounts.
- Network Segmentation: Isolate the modem from other critical devices on the network.
- Disable Remote Access: Disable remote access features if not required.