| Title | D-Link DIR-890L Versions up to DIR890LA1_FW111b04 Hard-coded Credentials |
|---|
| Description | In the `rgbin` binary of D-Link dir890L, the authentication for UART is handled via function at address 0xD084. It compares user's input with credential retrieved from system configuration. However, under certain start configuration, the system will uses the hardcoded credential `35dHJLI!wyX:ut77a3d33w` for authentication. |
|---|
| Source | ⚠️ https://github.com/Nicholas-wei/bug-discovery/blob/main/dlink/dir890-hardcoded/dir890-hardcoded.md |
|---|
| User | nich0las (UID 51709) |
|---|
| Submission | 07/25/2025 10:13 (9 months ago) |
|---|
| Moderation | 07/26/2025 15:18 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 317819 [D-Link DIR-890L up to 111b04 UART Port rgbin hard-coded credentials] |
|---|
| Points | 19 |
|---|