Home

Description

Incorrect access control in the DELT_file.xgi endpoint of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to modify arbitrary settings within the device's XML database, including the administrator’s password.

PUBLISHED Reserved 2025-03-11 | Published 2025-08-25 | Updated 2025-08-25 | Assigner mitre

References

www.dlink.com/en/security-bulletin/

gist.github.com/...yu113228/0bf32385245f71dfe11b0ef77c468392

cve.org (CVE-2025-29515)

nvd.nist.gov (CVE-2025-29515)

Download JSON