CVE Catalog

CVE-2025-65427

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.24%

15th percentile - higher than 15% of all known CVEs

Summary

The Dbit N300 T1 Pro router running firmware V1.0.0 lacks rate limiting on the /api/login endpoint, allowing attackers to brute force passwords.

Risk Assessment

The risk is unauthorized access to the device, potentially compromising the entire local network.

Recommendation

Update the router firmware to the latest version and implement rate limiting on login endpoints.

Original NVD description (English source)

An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0 does not implement rate limiting to /api/login allowing attackers to brute force password enumerations.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS