dingtian-tech 相關的公開 CVE 漏洞與安全風險資訊,提供 CVSS、EPSS、公開時間與漏洞情報資料,協助評估潛在風險與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2025-10880 | All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request. | [email protected] | 8.7 | 0.29% | 2025-09-25 | 2026-06-17 |
| CVE-2025-10879 | All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication. | [email protected] | 8.7 | 0.29% | 2025-09-25 | 2026-06-17 |
| CVE-2025-1283 | The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login requirements by directly navigating to the main page. | [email protected] | 9.3 | 0.55% | 2025-02-13 | 2026-06-17 |
| CVE-2022-29593 | relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request. | [email protected] | 5.9 | 10.44% | 2022-07-14 | 2026-06-17 |