CVE-2023-43960

HIGH

DLink DPH-400SE FRU <2.2.15.8 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-43960. PoCs published by tahaafarooq.

AI-analyzed exploit summary: This exploit describes an information disclosure vulnerability in the DLINK DPH-400SE VoIP phone, where a guest user can view and modify admin credentials in plaintext via the web portal. The PoC outlines steps to exploit default credentials and access sensitive information.

Description

An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component.

Exploits (1)

exploitdb WRITEUP
by tahaafarooq · text · webapps · hardware
https://www.exploit-db.com/exploits/51709


Classification: Writeup 90%
Attack Type: Info Leak
Complexity: Trivial
Reliability: Reliable
Target: DLINK DPH-400SE FRU 2.2.15.8
Auth required
Prerequisites: Default guest credentials (guest:guest) · Access to the web portal
devstral-2 · analyzed Feb 16, 2026

References (2)

Core References
Exploit, Third Party Advisory, VDB Entry
https://www.exploit-db.com/exploits/51709

Scores

CVSS v3 8.8
EPSS 0.0632
EPSS Percentile 91.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE CWE-269
Status published
Products (1)
dlink/dph-400se_firmware 2.2.15.8
Published Oct 11, 2023
Tracked Since Feb 18, 2026