PT-2025-51736 · Dbit · Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router
Kirubel
·
Published
2025-12-16
·
Updated
2025-12-21
·
CVE-2025-65427
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router version V1.0.0
Description
The Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router version V1.0.0 does not implement rate limiting on the
/api/login endpoint. This allows attackers to attempt brute-force password enumeration. The vulnerable parameter is the password.Recommendations
Apply rate limiting to the
/api/login endpoint to prevent brute-force attacks.Exploit
Fix
Improper Restriction of Excessive Authentication Attempts
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router