7.2

CVE-2025-8231

Exploit

D-Link DIR-890L UART Port rgbin hard-coded credentials

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
DlinkDir-890l Firmware Version <= 1.11b04
   DlinkDir-890l Version-
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.13% 0.317
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
cna@vuldb.com 5.2 0 0
CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
cna@vuldb.com 6.8 0.9 5.9
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cna@vuldb.com 7.2 3.9 10
AV:L/AC:L/Au:N/C:C/I:C/A:C
CWE-259 Use of Hard-coded Password

The product contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.

CWE-798 Use of Hard-coded Credentials

The product contains hard-coded credentials, such as a password or cryptographic key.

https://vuldb.com/?id.317819
Third Party Advisory
VDB Entry
https://vuldb.com/?ctiid.317819
VDB Entry
Permissions Required
https://vuldb.com/?submit.622337
Third Party Advisory
VDB Entry