CVE-2025-45784 – D-Link DPH-400S/SE VoIP Phone Hardcoded Credentials Vulnerability

June 18, 2025

CVE ID : CVE-2025-45784

Published : June 18, 2025, 2:15 p.m. | 16 minutes ago

Description : D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially leading to unauthorized access to device functions or user accounts. This vulnerability exists due to insecure storage of sensitive information in the firmware binary.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-46157 – EfroTech Time Trax Remote Code Execution Vulnerability

Next Article CVE-2025-45661 – miniTCG XSS

IBM launches new integration to help unify AI security and governance

Meet Accessible UX Research, A Brand-New Smashing Book

Modernizing your approach to governance, risk and compliance

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

With Windows 10 circling the drain, Windows 11 sees a long-overdue surge

This PC app boosts FPS in any game on any GPU for only $7 — and it just got a major update

Sam Altman claims Meta is trying to poach OpenAI staffers with $100 million bonuses, but “none of our best people have decided to take them up on that”

Why Inclusive Design Solutions Are important for Accessibility

Why Inclusive Design Solutions Are important for Accessibility

Microsoft Copilot for Power Platform

Integrate Coveo Atomic CLI-Based Hosted Search Page into Adobe Experience Manager (AEM)

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

RAIDOU Remastered: The Mystery of the Soulless Army Review (PC) – A well-done action-RPG remaster that makes me hopeful for more revivals of classic Atlus titles

With Windows 10 circling the drain, Windows 11 sees a long-overdue surge

This PC app boosts FPS in any game on any GPU for only $7 — and it just got a major update

CVE-2025-45784 – D-Link DPH-400S/SE VoIP Phone Hardcoded Credentials Vulnerability

Roundcube: CVE-2025–49113

CVE-2025-23121 Critical Veeam Vulnerability: Backup Servers at Risk from Authenticated RCE Flaw

CVE-2025-4250 – Nero Social Networking Site SQL Injection Vulnerability

Citrix NetScaler ADC and Gateway Vulnerabilities Allow Attackers to Access Sensitive Data

Windows 11 will throttle your CPU when you’re away to boost battery life

CVE-2025-32821 – SMA100 Command Injection Vulnerability

CVE-2024-41446 – Alkacon OpenCMS Stored XSS Vulnerability

CVE-2025-3910 – Keycloak Authorization Bypass Vulnerability

CVE-2025-23103 – Samsung Exynos Out-of-Bounds Write Vulnerability

CVE-2025-5409 – Mist Community Edition API Token Handler Remote Improper Access Control Vulnerability

CVE-2025-45784 – D-Link DPH-400S/SE VoIP Phone Hardcoded Credentials Vulnerability

Related Posts