Dph 400se Firmware

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-45784 CRITICAL POC Act Now

D-Link DPH-400S/SE VoIP phones running firmware v1.01 contain hardcoded provisioning credentials (PROVIS_USER_PASSWORD) embedded directly in the firmware binary, allowing attackers with firmware access to extract sensitive authentication material via static analysis tools. This critical vulnerability (CVSS 9.8) enables unauthorized access to device management functions and potentially user accounts, with network-accessible exploitation possible if combined with firmware extraction techniques.

D-Link Information Disclosure Dph 400se Firmware Dph 400s Firmware
NVD
CVSS 3.1
9.8
EPSS
0.5%
CVE-2025-45784
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

D-Link DPH-400S/SE VoIP phones running firmware v1.01 contain hardcoded provisioning credentials (PROVIS_USER_PASSWORD) embedded directly in the firmware binary, allowing attackers with firmware access to extract sensitive authentication material via static analysis tools. This critical vulnerability (CVSS 9.8) enables unauthorized access to device management functions and potentially user accounts, with network-accessible exploitation possible if combined with firmware extraction techniques.

D-Link Information Disclosure Dph 400se Firmware +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy