CVE Details
Basic Information
| Title | D-Link DIR-890L UART Port rgbin hard-coded credentials |
|---|---|
| Type | cve |
| Published | 2025-07-27T13:32:05.676Z |
| Modified | 2025-07-27T13:32:05.676Z |
Product Information
| Vendor | D-Link |
|---|---|
| Product | DIR-890L |
| Version | 111b04 |
CVSS Information
| Base Score | 7.0 (HIGH) |
|---|---|
| Attack Vector | CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
AI Analysis
| AI Description | A critical vulnerability in the D-Link DIR-890L router up to firmware version 111b04 allows attackers to exploit hard-coded credentials in the rgbin file via the UART port. This issue is highly severe and can be exploited physically. The product is no longer supported by the vendor. |
|---|---|
| AI Severity | High |
| AI Vendor | D-Link |
| AI Product | DIR-890L |
| AI Version | 111b04 |
Affected Products
- D-Link DIR-890L 111b04
Additional Information
| CWE List | CWE-798, CWE-259 |
|---|---|
| Source | VulDB |
Description
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.