CVE-2025-45784
CRITICALD-Link DPH-400S/SE VoIP Phone 1.01 - Hardcoded Credentials Exposure via Firmware Binary
Title source: llmDescription
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially leading to unauthorized access to device functions or user accounts. This vulnerability exists due to insecure storage of sensitive information in the firmware binary.
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://cybermaya.in/posts/Post-37/
Vendor Advisory
https://www.dlink.com/en/security-bulletin/
Scores
CVSS v3
9.8
EPSS
0.0049
EPSS Percentile
38.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
yes
Technical Impact
total
Details
CWE
CWE-798
Status
published
Products (2)
dlink/dph-400s_firmware
1.01
dlink/dph-400se_firmware
1.01
Published
Jun 18, 2025
Tracked Since
Feb 18, 2026