D-Link DIR-890L UART via rgbin leads to hard-coded creds
CVE-2025-8231 Published on July 27, 2025
D-Link DIR-890L UART Port rgbin hard-coded credentials
A vulnerability, which was classified as critical, has been found in D-Link DIR-890L up to 111b04. This issue affects some unknown processing of the file rgbin of the component UART Port. The manipulation leads to hard-coded credentials. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Types
Use of Hard-coded Credentials
The software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
Use of Hard-coded Password
The software contains a hard-coded password, which it uses for its own inbound authentication or for outbound communication to external components.
Products Associated with CVE-2025-8231
Want to know whenever a new CVE is published for D-Link Dir 890l Firmware? stack.watch will email you.
Affected Versions
D-Link DIR-890L Version 111b04 is affected by CVE-2025-8231Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.