CVE-2025-29514
BaseFortify
Publication date: 2025-08-25
Last updated on: 2025-09-02
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dlink | dsl-7740c_firmware | 6.tr069.20211230 |
| dlink | dsl-7740c | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the D-Link DSL-7740C modem's firmware (DSL7740C.V6.TR069.20211230) within the config.xgi function of its web management interface. Due to improper access control, attackers can remotely download the device's configuration file without any authentication by sending a crafted HTTP request. The configuration file contains sensitive information such as WiFi settings, PPPoE credentials, TR-069 remote management configurations, and other network parameters. [1]
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to unauthorized disclosure of critical network credentials and settings. Attackers can gain unauthorized network access, impersonate services, redirect network traffic maliciously, and potentially take control of the network infrastructure. Exposure of TR-069 remote management settings also increases the attack surface, allowing attackers to manipulate remote management services and potentially affect multiple devices. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the vulnerable endpoint on the modem's web interface without authentication. For example, you can use the command `wget http://[modem_ip]/config.xgi` or `curl http://[modem_ip]/config.xgi` to see if the configuration file is downloadable without credentials. If the file is retrieved, the device is vulnerable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the modem's web management interface to trusted networks only, disabling remote management if not needed, and monitoring for unauthorized access attempts. Additionally, updating the firmware to a version that patches this vulnerability (if available) is recommended. If no patch is available, consider isolating the device from untrusted networks to prevent exploitation. [1]