Multiple D-Link Products Vulnerabilities

Severity

High

Analysis Summary

CVE-2025-8231 CVSS:6.8

A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2025-8175 CVSS:6.5

D-Link DI-8400 is vulnerable to a denial of service, caused by a NULL pointer dereference in file usb_paswd.asp of the component jhttpd.

Impact

Denial of Service
Gain Access

Indicators of Compromise

CVE

CVE-2025-8231
CVE-2025-8175

Affected Vendors

D-Link

Affected Products

D-Link DI-8400 16.07.26A1
D-Link DIR-890L 111b04

Remediation

Refer to the D-Link Website for patch, upgrade, or suggested workaround information.

CVE-2025-8231

CVE-2025-8175

Multiple Adobe Experience Manager Vulnerabilities

Patchwork APT Group – Active IOCs

Multiple D-Link Products Vulnerabilities

Severity

High

Analysis Summary

Indicators of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan