CVE-2025-45784
moderate-risk
Published 2025-06-18
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially leading to unauthorized access to device functions or user accounts. This vulnerability exists due to insecure storage of sensitive information in the firmware binary.
Do I need to act?
~
1.9% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.8/10
Critical
NETWORK
/ LOW complexity
Affected Products (2)
Dph-400Se Firmware
Dph-400S Firmware
Affected Vendors
References (2)
Vendor Advisory
https://www.dlink.com/en/security-bulletin/
44
/ 100
moderate-risk
Severity
32/34 · Critical
Exploitability
5/34 · Minimal
Exposure
7/34 · Low