CVE-2025-65427

MEDIUM

6.5

Descripcion

An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0 does not implement rate limiting to /api/login allowing attackers to brute force password enumerations.

Detalles CVE

Puntuacion CVSS v3.16.5

SeveridadMEDIUM

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado12/16/2025

Ultima modificacion12/31/2025

Fuentenvd

Avistamientos honeypot0

Productos afectados

dbitnet:dbit_n300_t1_prodbitnet:dbit_n300_t1_pro_firmware

Debilidades (CWE)

CWE-307

Referencias

http://dbit.com(cve@mitre.org)

http://shenzhen.com(cve@mitre.org)

https://github.com/kirubel-cve/CVE-2025-65427(cve@mitre.org)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.