What is the CVSS score of CVE-2025-65731?

CVE-2025-65731 has a CVSS 3.1 base score of 6.8 (Medium). CVSS vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.0%.

Which versions of Dir 605l Firmware are affected by CVE-2025-65731?

CVE-2025-65731 presents notable security risk, a missing authentication vulnerability rated CVSS 6.8. This could allow unauthorized access to protected resources.

Is there a public PoC exploit available for CVE-2025-65731?

Yes, a public proof-of-concept exploit is available for CVE-2025-65731. Prioritise patching immediately. EPSS: 0.0%.

How to fix or mitigate CVE-2025-65731?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Audit authentication configurations.

Dir 605l Firmware CVE-2025-65731

MEDIUM

Missing Authentication for Critical Function (CWE-306)

2026-01-08 cve@mitre.org

D-Link Dir 605l Firmware

6.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Physical

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:54 vuln.today

PoC Detected

Jan 30, 2026 - 01:07 vuln.today

Public exploit code

CVE Published

Jan 08, 2026 - 19:15 nvd

MEDIUM 6.8

DescriptionNVD

An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access control.

AnalysisAI

Dir-605L Firmware versions up to 6.02cn02 is affected by missing authentication for critical function (CVSS 6.8).

Technical ContextAI

This vulnerability (CWE-306: Missing Authentication for Critical Function) affects Dir-605L Firmware. was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access control.

RemediationAI

Monitor vendor advisories for a patch.

More from same product – last 7 days

CVE-2026-4377 MEDIUM This Month

6.0 May 28

Weak default credential generation in the D-Link DWR-X1820 router exposes administrative access to adjacent-network atta

CVE-2025-65731 vulnerability details – vuln.today

Back

Dir 605l Firmware CVE-2025-65731

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

More from same product – last 7 days

Share

External POC / Exploit Code