DSL-7740C
by Dlink
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-29517 | 0.00 | — | 0.00 | Aug 25, 2025 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the traceroute6 function. | |||
| CVE-2025-29522 | 0.00 | — | 0.01 | Aug 25, 2025 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping function. | |||
| CVE-2025-29515 | 0.00 | — | 0.00 | Aug 25, 2025 | Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modify arbitrary settings within the device's XML database, including the administrator’s password. | |||
| CVE-2025-29519 | 0.00 | — | 0.01 | Aug 25, 2025 | A command injection vulnerability in the EXE parameter of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to execute arbitrary commands via supplying a crafted GET request. | |||
| CVE-2025-29516 | 0.00 | — | 0.01 | Aug 25, 2025 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the backup function. | |||
| CVE-2025-29523 | 0.00 | — | 0.01 | Aug 25, 2025 | D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function. | |||
| CVE-2025-29514 | 0.00 | — | 0.00 | Aug 25, 2025 | Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request. | |||
| CVE-2025-29520 | 0.00 | — | 0.00 | Aug 25, 2025 | Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the high-privileged account passwords and escalate privileges. | |||
| CVE-2025-29521 | 0.00 | — | 0.00 | Aug 25, 2025 | Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack. |
- CVE-2025-29517Aug 25, 2025risk 0.00cvss —epss 0.00
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the traceroute6 function.
- CVE-2025-29522Aug 25, 2025risk 0.00cvss —epss 0.01
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping function.
- CVE-2025-29515Aug 25, 2025risk 0.00cvss —epss 0.00
Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modify arbitrary settings within the device's XML database, including the administrator’s password.
- CVE-2025-29519Aug 25, 2025risk 0.00cvss —epss 0.01
A command injection vulnerability in the EXE parameter of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to execute arbitrary commands via supplying a crafted GET request.
- CVE-2025-29516Aug 25, 2025risk 0.00cvss —epss 0.01
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the backup function.
- CVE-2025-29523Aug 25, 2025risk 0.00cvss —epss 0.01
D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was discovered to contain a command injection vulnerability via the ping6 function.
- CVE-2025-29514Aug 25, 2025risk 0.00cvss —epss 0.00
Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request.
- CVE-2025-29520Aug 25, 2025risk 0.00cvss —epss 0.00
Incorrect access control in the Maintenance module of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows authenticated attackers with low-level privileges to arbitrarily change the high-privileged account passwords and escalate privileges.
- CVE-2025-29521Aug 25, 2025risk 0.00cvss —epss 0.00
Insecure default credentials for the Adminsitrator account of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to escalate privileges via a bruteforce attack.