VYPR

Dt R002

by Dingtian

CVEs (4)

  • CVE-2025-1283CriFeb 13, 2025
    risk 0.64cvss 9.8epss 0.01

    The Dingtian DT-R0 Series is vulnerable to an exploit that allows attackers to bypass login requirements by directly navigating to the main page.

  • CVE-2022-29593MedJul 14, 2022
    risk 0.42cvss 5.9epss 0.10

    relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.

  • CVE-2025-10880Sep 25, 2025
    risk 0.00cvss epss 0.00

    All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request.

  • CVE-2025-10879Sep 25, 2025
    risk 0.00cvss epss 0.00

    All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication.