← Back

Dph 400se Firmware

dph-400se_firmware

Vendor: Dlink • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-45784
1Dlink
2Dph 400s Firmware
Dph 400se Firmware
Jul 22, 2025
Jun 18, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these...Show more
D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning variables, including PROVIS_USER_PASSWORD, which may expose sensitive user credentials. An attacker with access to the firmware image can extract these credentials using static analysis tools such as strings or xxd, potentially leading to unauthorized access to device functions or user accounts. This vulnerability exists due to insecure storage of sensitive information in the firmware binary.Show less
CVE-2023-43960
1Dlink
1Dph 400se Firmware
Nov 21, 2024
Oct 11, 2023
N/A· v4
8.8 HIGH· v3
N/A· v2
An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component.