CVE-2026-10045
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk12th percentile — higher than 12% of all known CVEs
Summary
The router from Shenzhen Kangda Xin Intelligent Network Technology, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash, inspect active connections, and view currently connected devices.
Risk Assessment
The risk to the organization involves the potential for unauthorized access to the device, which could lead to data compromise and configuration modification.
Recommendation
It is recommended to disable telnet and change the default login credentials to stronger ones, as well as to regularly update the router's firmware.
Original NVD description (English source)
Shenzhen Kangda Xin Intelligent Network Technology Company's router, model DR300, version 2.1.2.121, contains hardcoded login credentials and has telnet enabled by default on WAN and LAN interfaces. These vulnerabilities allow attackers to read and write to memory, modify firmware stored in flash, inspect active connections, and view currently connected devices.

