216.73.217.80

CVE-2025-6931

· Published 30/06/2025 23:15 · Modified 01/07/2025 14:15

Labels: CVE-2025-6931 2025-06-30CVE-2025-6931CWE-330[email protected]

Essential information

Published
30/06/2025 23:15
Modified
01/07/2025 14:15
Author
Creator
CVSS
6.3 MEDIUM (v3) 6.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability classified as problematic was found in D-Link DCS-6517 and DCS-7517 up to 2.02.0. Affected by this vulnerability is the function generate_pass_from_mac of the file /bin/httpd of the component Root Password Generation Handler. The manipulation leads to insufficient entropy. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
d-link / dcs-6517 cpe:2.3:a:d-link:dcs-6517:<2.02.0:*:*:*:*:*:*:*
d-link / dcs-7517 cpe:2.3:a:d-link:dcs-7517:<2.02.0:*:*:*:*:*:*:*

References