CNNVD-202510-2301 Information

CNNVD ID

CNNVD-202510-2301

Related CVE

CVE-2025-34254

• CNNVD Published: 2025-10-16

Description (Chinese)

D-Link Nuclias Connect是中国友讯（D-Link）公司的一套无线网络集中管理系统。 D-Link Nuclias Connect 1.3.1.4及之前版本存在安全漏洞，该漏洞源于Login端点返回不同JSON响应，可能导致远程攻击者枚举有效用户名。

Description (English)

D-Link Nuclias Connect is a centralized wireless network management system for the company D-Link. There is a security loophole in D-Link Nuclias Connect 1.3.1.4 and earlier versions, which originates from the return of a different JSON response from the Login endpoint, which may result in a long-range attacker taking a valid user name.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

友讯

Published

2025-10-16

Last Modified

2026-02-24

References

https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10472 https://www.dlink.com/en/for-business/nuclias/nuclias-connect https://www.vulncheck.com/advisories/dlink-nuclias-connect-login-account-enumeration https://access.redhat.com/security/cve/cve-2025-34254