CVE-2025-29515
D-Link · DSL-7740C
An incorrect access control vulnerability in the DELT_file.xgi endpoint of D-Link DSL-7740C allows unauthenticated attackers to modify arbitrary settings within the device's XML database.
Executive summary
A critical access control flaw in D-Link DSL-7740C firmware allows unauthenticated remote attackers to modify device configurations, potentially leading to full system compromise.
Vulnerability
The vulnerability exists in the DELT_file.xgi endpoint, which fails to perform sufficient access control checks. This allows an unauthenticated attacker to inject or modify settings in the device's XML database.
Business impact
The ability for an attacker to modify arbitrary settings in the device configuration poses a severe risk to network integrity and confidentiality. With a CVSS score of 9.8, this vulnerability could be leveraged to redirect traffic, disable security features, or create backdoors, resulting in total loss of control over the affected network infrastructure.
Remediation
Immediate Action: Contact D-Link support or check the official support portal for a firmware update addressing this vulnerability.
Proactive Monitoring: Monitor network traffic for unusual requests directed at the .xgi endpoints and review device configuration logs for unauthorized changes.
Compensating Controls: Restrict access to the device management interface to trusted IP addresses only and ensure the device is not exposed directly to the public internet.
Exploitation status
Public Exploit Available: False
Analyst recommendation
Given the critical CVSS severity of 9.8, administrators should prioritize the mitigation of this vulnerability. If an official patch is not immediately available, isolating the affected device from external networks is essential to prevent unauthorized configuration tampering.