CVE-2024-48272

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-48272
D-Link DSL6740C v6.TR069.20211230 was discovered to use an insecure default Wifi password, possibly allowing attackers to connect to the device via a bruteforce attack.

6.5 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://gist.github.com/stevenyu113228/e264c145d6e6e6b59cf53fddc27409ad#2--predictable-wifi-password-in-d-link-dsl6740c-modem Exploit Third Party Advisory
https://www.dlink.com/en/security-bulletin/ Product
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:dsl-6740c_firmware:6.tr069.20211230:*:*:*:*:*:*:*
cpe:2.3:h:dlink:dsl-6740c:-:*:*:*:*:*:*:*
History

07 May 2025, 15:50

Type Values Removed Values Added
CPE cpe:2.3:h:dlink:dsl-6740c:-:*:*:*:*:*:*:*
cpe:2.3:o:dlink:dsl-6740c_firmware:6.tr069.20211230:*:*:*:*:*:*:*
References () https://gist.github.com/stevenyu113228/e264c145d6e6e6b59cf53fddc27409ad#2--predictable-wifi-password-in-d-link-dsl6740c-modem - () https://gist.github.com/stevenyu113228/e264c145d6e6e6b59cf53fddc27409ad#2--predictable-wifi-password-in-d-link-dsl6740c-modem - Exploit, Third Party Advisory
References () https://www.dlink.com/en/security-bulletin/ - () https://www.dlink.com/en/security-bulletin/ - Product
First Time Dlink dsl-6740c Firmware
Dlink
Dlink dsl-6740c

31 Oct 2024, 16:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 6.5
CWE CWE-521
Summary
  • (es) Se descubrió que D-Link DSL6740C v6.TR069.20211230 usa una contraseña de Wifi predeterminada insegura, lo que posiblemente permite a los atacantes conectarse al dispositivo a través de un ataque de fuerza bruta.

30 Oct 2024, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-10-30 20:15

Updated : 2025-05-07 15:50

NVD link : CVE-2024-48272

Mitre link : CVE-2024-48272

CVE.ORG link : CVE-2024-48272

JSON object : View

Products Affected

dlink

  • dsl-6740c_firmware
  • dsl-6740c
CWE
CWE-521

Weak Password Requirements