CVE-2025-10880

High CVSS: 8.7

All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request.

Vendor

Dingtian-tech

Product

Dt-r002 Firmware

CWE

CWE-522

Yayın Tarihi

2025-09-25 17:15:38

Güncelleme

2025-09-29 14:44:22

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-522 Dt-r002 Firmware HIGH Dingtian-tech 2025

Referanslar

https://www.cisa.gov/news-events/ics-advisories/icsa-25-268-01