CVE-2025-1283
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login requirements by directly navigating to the main page.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dingtian | DT-R002 | V3.1.3044A | affected |
| Dingtian | DT-R008 | V3.1.1759A | affected |
| Dingtian | DT-R016 | V3.1.2776A | affected |
| Dingtian | DT-R032 | V3.1.3826A | affected |
Weaknesses
- CWE-288: CWE-288
Workarounds
Dingtian has not responded to requests to work with CISA to mitigate this vulnerability, thus no mitigation is available at this time. Users of affected versions of Dingtian DT-R002 are invited to contact Dingtian customer support https://www.dingtian-tech.com/en_us/aboutus.html for additional information.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-18
- https://www.dingtian-tech.com/en_us/aboutus.html?tab=contact_us
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.