CVE-2025-65731

MEDIUM
2026-01-08 [email protected]
6.8
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

3
Analysis Generated
Mar 12, 2026 - 21:54 vuln.today
PoC Detected
Jan 30, 2026 - 01:07 vuln.today
Public exploit code
CVE Published
Jan 08, 2026 - 19:15 nvd
MEDIUM 6.8

Tags

D-Link Dir 605l Firmware

Description

An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access control.

Analysis

Dir-605L Firmware versions up to 6.02cn02 is affected by missing authentication for critical function (CVSS 6.8).

Technical Context

This vulnerability (CWE-306: Missing Authentication for Critical Function) affects Dir-605L Firmware. was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version: V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to presence of root terminal access on a serial interface without proper access control.

Affected Products

Vendor: Dlink. Product: Dir-605L Firmware. Versions: up to 6.02cn02.

Remediation

Monitor vendor advisories for a patch.

Priority Score

54
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +34
POC: +20

Share

CVE-2025-65731 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy