CVE-2025-65731

MEDIUM

D-Link Router DIR-605L - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-65731. PoCs published by whitej3rry.

AI-analyzed exploit summary: This repository documents a hardware-based vulnerability (CVE-2025-65731) in the D-Link DIR-605L router, where unauthenticated root shell access is achievable via exposed UART debug pins. The writeup includes detailed steps and images demonstrating the exploit process.

Description

An issue was discovered in D-Link Router DIR-605L (Hardware version F1; Firmware version V6.02CN02) allowing an attacker with physical access to the UART pins to execute arbitrary commands due to the presence of root terminal access on a serial interface without proper access control.

Exploits (1)

nomisec WRITEUP
by whitej3rry · poc
https://github.com/whitej3rry/CVE-2025-65731

Classification: Writeup 100%
Attack Type: Auth Bypass
Complexity: Trivial
Reliability: Reliable
Target: D-Link DIR-605L (Hardware F1, Firmware V6.02CN02)
Authentication: No auth needed
Prerequisites: Physical access to the device · UART connection tools (e.g., serial interface, terminal emulator)
Analysis: devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3: 6.8
EPSS: 0.0037
EPSS Percentile: 29.0%
Attack Vector: PHYSICAL
Vector String: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Source: Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-306
Status: published
Products (1): dlink/dir-605l_firmware 6.02cn02
Published: Jan 08, 2026
Tracked Since: Feb 18, 2026