The Dingtian DT-R0 Series is vulnerable to an exploit that allows
attackers to bypass login requirements by directly navigating to the
main page.
Fixes

Solution

No solution given by the vendor.


Workaround

Dingtian has not responded to requests to work with CISA to mitigate this vulnerability, thus no mitigation is available at this time. Users of affected versions of Dingtian DT-R002 are invited to contact Dingtian customer support https://www.dingtian-tech.com/en_us/aboutus.html for additional information.

History

Sun, 13 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00062}

epss

{'score': 0.00071}


Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.00077}

epss

{'score': 0.00062}


Thu, 10 Apr 2025 19:15:00 +0000

Type Values Removed Values Added
First Time appeared Dingtian-tech
Dingtian-tech dt-r002
Dingtian-tech dt-r002 Firmware
Dingtian-tech dt-r008
Dingtian-tech dt-r008 Firmware
Dingtian-tech dt-r016
Dingtian-tech dt-r016 Firmware
Dingtian-tech dt-r032
Dingtian-tech dt-r032 Firmware
Weaknesses CWE-306
CPEs cpe:2.3:h:dingtian-tech:dt-r002:-:*:*:*:*:*:*:*
cpe:2.3:h:dingtian-tech:dt-r008:-:*:*:*:*:*:*:*
cpe:2.3:h:dingtian-tech:dt-r016:-:*:*:*:*:*:*:*
cpe:2.3:h:dingtian-tech:dt-r032:-:*:*:*:*:*:*:*
cpe:2.3:o:dingtian-tech:dt-r002_firmware:3.1.3044a:*:*:*:*:*:*:*
cpe:2.3:o:dingtian-tech:dt-r008_firmware:3.1.1759a:*:*:*:*:*:*:*
cpe:2.3:o:dingtian-tech:dt-r016_firmware:3.1.2776a:*:*:*:*:*:*:*
cpe:2.3:o:dingtian-tech:dt-r032_firmware:3.1.3826a:*:*:*:*:*:*:*
Vendors & Products Dingtian-tech
Dingtian-tech dt-r002
Dingtian-tech dt-r002 Firmware
Dingtian-tech dt-r008
Dingtian-tech dt-r008 Firmware
Dingtian-tech dt-r016
Dingtian-tech dt-r016 Firmware
Dingtian-tech dt-r032
Dingtian-tech dt-r032 Firmware

Fri, 14 Feb 2025 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 13 Feb 2025 21:30:00 +0000

Type Values Removed Values Added
Description The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login requirements by directly navigating to the main page.
Title Dingtian DT-R0 Series Authentication Bypass Using an Alternate Path or Channel
Weaknesses CWE-288
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: icscert

Published:

Updated: 2025-02-14T15:48:05.939Z

Reserved: 2025-02-13T17:14:44.612Z

Link: CVE-2025-1283

cve-icon Vulnrichment

Updated: 2025-02-14T15:38:04.773Z

cve-icon NVD

Status : Analyzed

Published: 2025-02-13T22:15:11.413

Modified: 2025-04-10T18:55:23.537

Link: CVE-2025-1283

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.