CVE-2025-65427
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-16

Assigner: MITRE

Description
An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0 does not implement rate limiting to /api/login allowing attackers to brute force password enumerations.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-16
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-14
NVD
CVE-2025-65427
EUVD
EUVD-2025-203805
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
dbit n300_t1_pro_easy_setup_wireless_wifi_router v1.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-307 The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router firmware version V1.0.0. It is caused by the lack of rate limiting on the /api/login endpoint, which allows attackers to perform brute-force password attacks by repeatedly sending login requests without restriction. This flaw is classified as CWE-307 (Improper Restriction of Excessive Authentication Attempts). Attackers can automate these attempts to guess passwords and gain unauthorized access to the router. [2]

Impact Analysis

If exploited, this vulnerability allows attackers to gain administrative access to the router by brute forcing login credentials. With administrative access, attackers can change router configurations, modify DNS settings, or update the firmware. This can lead to network compromise, interception of traffic, redirection to malicious sites, or persistent control over the network device. [2]

Detection Guidance

This vulnerability can be detected by monitoring for excessive or repeated POST requests to the /api/login endpoint of the Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router. Since the server returns session tokens even after failed login attempts, you can use tools like curl or Python requests to simulate brute-force attempts and observe the responses. For example, you can use curl commands to send multiple POST requests with different username and password combinations to /api/login and check if the server continues to respond without rate limiting. Monitoring network logs for a high volume of POST requests to /api/login from the same source IP can also indicate exploitation attempts. [2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the /api/login endpoint by implementing rate limiting or blocking repeated failed login attempts at the network or firewall level. If possible, update the router firmware to a version that addresses this vulnerability. Additionally, monitor login attempts and consider changing default credentials to strong, unique passwords to reduce the risk of successful brute-force attacks. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65427. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart