D-Link DSL-7740C Modem Incorrect Access Control Vulnerability Allowing Arbitrary Settings Modification

A vulnerability exists in the D-Link DSL-7740C modem running firmware DSL7740C.V6.TR069.20211230. The issue arises from incorrect access control in the DELT_file.xgi endpoint, which allows unauthorized users to remotely modify arbitrary settings in the device's XML database. This includes sensitive configurations such as the administrator's password. The vulnerability can be exploited without authentication, leading to unauthorized changes in device management settings.

Impact

Exploitation of this vulnerability could result in unauthorized modification of device settings, including administrative passwords, allowing attackers to gain control over the device and disrupt its normal operations.

Reproduction

To reproduce this vulnerability, send an unauthenticated HTTP request to the DELT_file.xgi endpoint, including a payload that modifies the administrator password. After the request is processed, verify the password change by accessing the device's user management system and checking the updated password.