VYPR

DSL7740C

by Dlink

CVEs (10)

  • CVE-2025-29515CriAug 25, 2025
    risk 0.64cvss 9.8epss 0.01

    Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modify arbitrary settings within the device's XML database, including the administrator’s password.

  • CVE-2025-29514CriAug 25, 2025
    risk 0.64cvss 9.8epss 0.01

    Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request.

  • CVE-2020-12774HigJul 22, 2020
    risk 0.53cvss 8.2epss 0.00

    D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command.

  • CVE-2025-29523HigAug 25, 2025
    risk 0.47cvss 7.2epss 0.02

    D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function.

  • CVE-2025-29516HigAug 25, 2025
    risk 0.47cvss 7.2epss 0.02

    D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the backup function.

  • CVE-2025-29517MedAug 25, 2025
    risk 0.44cvss 6.8epss 0.02

    D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the traceroute6 function.

  • CVE-2025-29522MedAug 25, 2025
    risk 0.42cvss 6.5epss 0.01

    D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping function.

  • CVE-2025-29519MedAug 25, 2025
    risk 0.35cvss 5.3epss 0.02

    A command injection vulnerability in the EXE parameter of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to execute arbitrary commands via supplying a crafted GET request.

  • CVE-2025-29521MedAug 25, 2025
    risk 0.34cvss 5.3epss 0.01

    Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack.

  • CVE-2025-29520MedAug 25, 2025
    risk 0.34cvss 5.3epss 0.01

    Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the high-privileged account passwords and escalate privileges.