CNNVD-202510-2300 Information

CNNVD ID

CNNVD-202510-2300

Related CVE

CVE-2025-34255

• CNNVD Published: 2025-10-16

Description (Chinese)

D-Link Nuclias Connect是中国友讯（D-Link）公司的一套无线网络集中管理系统。 D-Link Nuclias Connect 1.3.1.4及之前版本存在安全漏洞，该漏洞源于忘记密码端点存在可观察的响应差异，可能导致远程攻击者枚举有效电子邮件地址。

Description (English)

D-Link Nuclias Connect is a centralized wireless network management system for the company D-Link. There is a security loophole in D-Link Nuclias Connect 1.3.1.4 and earlier versions, which stems from forgetting that there are observable response differences at the password end point, which may result in long-range attackers taking up a valid e-mail address.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

友讯

Published

2025-10-16

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/dlink-nuclias-connect-forgot-password-account-enumeration https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10472 https://www.dlink.com/en/for-business/nuclias/nuclias-connect https://access.redhat.com/security/cve/cve-2025-34255