CVE-2025-8231

Sažetak

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

Reference

https://github.com/Nicholas-wei/bug-discovery/blob/main/dlink/dir890-hardcoded/dir890-hardcoded.md
https://vuldb.com/?ctiid.317819
https://vuldb.com/?id.317819
https://vuldb.com/?submit.622337
https://www.dlink.com/

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

27-07-2025 - 14:15

Objavljeno

27-07-2025 - 14:15