CVE-2025-45784
CVE-2025-45784 is a critical-severity vulnerability rated 9.8/10 on the CVSS scale. D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially leading to unauthorized access to device functions or user accounts. EPSS estimates a 0.49% chance of exploitation in the next 30 days.
Description
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially leading to unauthorized access to device functions or user accounts. This vulnerability exists due to insecure storage of sensitive information in the firmware binary.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Dlink | Dph-400se Firmware | 1.01 |
| Dlink | Dph-400s Firmware | 1.01 |
References
- https://cybermaya.in/posts/Post-37/ (Exploit, Third Party Advisory)
- https://www.dlink.com/en/security-bulletin/ (Vendor Advisory)
Timeline
- Published
- Last Modified
- Status: Analyzed
Source: NVD / NIST
