Dingtian-Tech: Security Vulnerabilities
All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to extract the proprietary "Dingtian Binary" protocol password by sending an unauthenticated GET request.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-25
All versions of Dingtian DT-R002 are vulnerable to an Insufficiently Protected Credentials vulnerability that could allow an attacker to retrieve the current user's username without authentication.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-09-25
The Dingtian DT-R0 Series is vulnerable to an exploit that allows
attackers to bypass login requirements by directly navigating to the
main page.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-02-13
relay_cgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request.
CVSS Score
5.9
EPSS Score
0.082
Published
2022-07-14