Main Vulnerability Database Vulnerabilities #VU114785

#VU114785 Improper access control in DSL-7740C - CVE-2025-29515

Published: September 4, 2025

Vulnerability identifier: #VU114785

Vulnerability risk: High

CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber

CVE-ID: CVE-2025-29515

CWE-ID: CWE-284

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vulnerable software:
DSL-7740C

Software vendor:
D-Link

Description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions in the DELT_file.xgi endpoint. A remote attacker can bypass implemented security restrictions and modify arbitrary settings within the device's XML database, including the administrator’s password.

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10458

#VU114785 Improper access control in DSL-7740C - CVE-2025-29515

Description

Remediation

External links

Please verify you're human