ID
CVE
TITLE
D-Link Corporation of DSL-2740R Multiple vulnerabilities in firmware
sources:
JVNDB: JVNDB-2026-013762
DESCRIPTION
A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and might be used. The exploit has been exposed and may be exploited.Some of the information handled by the software may be leaked to the outside. Also, some of the information handled by the software may be rewritten. Furthermore, the software will not stop. Furthermore, attacks exploiting this vulnerability may affect other software
sources:
NVD: CVE-2026-7027 //
JVNDB: JVNDB-2026-013762
AFFECTED PRODUCTS
| vendor: | dlink | model: | dsl-2740r | scope: | eq | version: | eu_01.15 | |
| vendor: | d link | model: | dsl-2740r | scope: | eq | version: | dsl-2740r firmware eu_01.15 | |
| vendor: | d link | model: | dsl-2740r | scope: | eq | version: | - | |
| vendor: | d link | model: | dsl-2740r | scope: | - | version: | - | |
sources:
JVNDB: JVNDB-2026-013762 //
NVD: CVE-2026-7027
CVSS
SEVERITY | CVSSV2 | CVSSV3 |
| cna@vuldb.com: | CVE-2026-7027 | |
|
| value: | LOW | | | nvd@nist.gov: | CVE-2026-7027 | |
|
| value: | MEDIUM | | | OTHER: | JVNDB-2026-013762 | |
|
| value: | MEDIUM | |
| | cna@vuldb.com: | CVE-2026-7027 | |
|
| severity: | LOW | | baseScore: | 3.3 | | vectorString: | AV:N/AC:L/AU:M/C:N/I:P/A:N | | accessVector: | NETWORK | | accessComplexity: | LOW | | authentication: | MULTIPLE | | confidentialityImpact: | NONE | | integrityImpact: | PARTIAL | | availabilityImpact: | NONE | | exploitabilityScore: | 6.4 | | impactScore: | 2.9 | | acInsufInfo: | NONE | | obtainAllPrivilege: | NONE | | obtainUserPrivilege: | NONE | | obtainOtherPrivilege: | NONE | | userInteractionRequired: | NONE | | version: | 2.0 | | | OTHER: | JVNDB-2026-013762 | |
|
| severity: | LOW | | baseScore: | 3.3 | | vectorString: | AV:N/AC:L/AU:M/C:N/I:P/A:N | | accessVector: | NETWORK | | accessComplexity: | LOW | | authentication: | MULTIPLE | | confidentialityImpact: | NONE | | integrityImpact: | PARTIAL | | availabilityImpact: | NONE | | exploitabilityScore: | NONE | | impactScore: | NONE | | acInsufInfo: | NONE | | obtainAllPrivilege: | NONE | | obtainUserPrivilege: | NONE | | obtainOtherPrivilege: | NONE | | userInteractionRequired: | NONE | | version: | 2.0 | |
| | cna@vuldb.com: | CVE-2026-7027 | |
|
| baseSeverity: | LOW | | baseScore: | 2.4 | | vectorString: | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N | | attackVector: | NETWORK | | attackComplexity: | LOW | | privilegesRequired: | HIGH | | userInteraction: | REQUIRED | | scope: | UNCHANGED | | confidentialityImpact: | NONE | | integrityImpact: | LOW | | availabilityImpact: | NONE | | exploitabilityScore: | 0.9 | | impactScore: | 1.4 | | version: | 3.1 | | | nvd@nist.gov: | CVE-2026-7027 | |
|
| baseSeverity: | MEDIUM | | baseScore: | 4.8 | | vectorString: | CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | | attackVector: | NETWORK | | attackComplexity: | LOW | | privilegesRequired: | HIGH | | userInteraction: | REQUIRED | | scope: | CHANGED | | confidentialityImpact: | LOW | | integrityImpact: | LOW | | availabilityImpact: | NONE | | exploitabilityScore: | 1.7 | | impactScore: | 2.7 | | version: | 3.1 | | | NVD: | JVNDB-2026-013762 | |
|
| baseSeverity: | MEDIUM | | baseScore: | 4.8 | | vectorString: | CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N | | attackVector: | NETWORK | | attackComplexity: | LOW | | privilegesRequired: | HIGH | | userInteraction: | REQUIRED | | scope: | CHANGED | | confidentialityImpact: | LOW | | integrityImpact: | LOW | | availabilityImpact: | NONE | | exploitabilityScore: | NONE | | impactScore: | NONE | | version: | 3.0 | |
|
sources:
JVNDB: JVNDB-2026-013762 //
NVD: CVE-2026-7027 //
NVD: CVE-2026-7027
PROBLEMTYPE DATA
| problemtype: | CWE-94 | |
| problemtype: | CWE-79 | |
| problemtype: | Cross-site scripting (CWE-79) [ others ] | |
| problemtype: | Code injection (CWE-94) [ others ] | |
sources:
JVNDB: JVNDB-2026-013762 //
NVD: CVE-2026-7027
PATCH
| title: | https | url: | https://vuldb.com/submit/797896 | |
sources:
JVNDB: JVNDB-2026-013762
EXTERNAL IDS
| db: | NVD | id: | CVE-2026-7027 | |
| db: | JVNDB | id: | JVNDB-2026-013762 | |
sources:
JVNDB: JVNDB-2026-013762 //
NVD: CVE-2026-7027
REFERENCES
| url: | https://www.dlink.com/ | |
| url: | https://vuldb.com/submit/797896 | |
| url: | https://vuldb.com/vuln/359607 | |
| url: | https://vuldb.com/vuln/359607/cti | |
| url: | https://nvd.nist.gov/vuln/detail/cve-2026-7027 | |
sources:
JVNDB: JVNDB-2026-013762 //
NVD: CVE-2026-7027
SOURCES
| db: | JVNDB | id: | JVNDB-2026-013762 |
| db: | NVD | id: | CVE-2026-7027 |
LAST UPDATE DATE
2026-06-19T23:19:12.796000+00:00
SOURCES UPDATE DATE
| db: | JVNDB | id: | JVNDB-2026-013762 | date: | 2026-05-01T01:41:00 |
| db: | NVD | id: | CVE-2026-7027 | date: | 2026-04-30T14:10:56.920 |
SOURCES RELEASE DATE
| db: | JVNDB | id: | JVNDB-2026-013762 | date: | 2026-05-01T00:00:00 |
| db: | NVD | id: | CVE-2026-7027 | date: | 2026-04-26T09:16:17.967 |
