CVE-2025-62777
📋 TL;DR
This vulnerability involves hard-coded credentials in MZK-DP300N devices, allowing attackers on the local network to gain Telnet access and execute arbitrary commands. It affects version 1.07 and earlier of the MZK-DP300N network device. Attackers can achieve full device compromise without authentication.
💻 Affected Systems
- MZK-DP300N
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete device takeover leading to network pivoting, data exfiltration, or deployment of persistent malware across connected systems.
Likely Case
Local network attackers gain administrative control of the device, enabling traffic interception, configuration changes, or denial of service.
If Mitigated
If network segmentation and access controls are implemented, impact is limited to isolated network segments.
🎯 Exploit Status
Exploitation requires only Telnet access and knowledge of the hard-coded credentials, making it trivial for attackers on the local network.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not available
Vendor Advisory: https://www.planex.co.jp/products/mzk-dp300n/
Restart Required: No
Instructions:
No official patch is available. Contact vendor for firmware updates or replace affected devices.
🔧 Temporary Workarounds
Disable Telnet service
allDisable the Telnet service if not required for operations.
Check device web interface for Telnet disable option
Network segmentation
allIsolate affected devices in separate VLANs with strict access controls.
🧯 If You Can't Patch
- Implement strict network access controls to limit Telnet access to trusted IPs only
- Monitor Telnet authentication attempts and block suspicious IP addresses
🔍 How to Verify
Check if Vulnerable:
Attempt Telnet login to device using known hard-coded credentials (not disclosed here for security).Check Version:
Check device web interface or serial console for firmware version information.Verify Fix Applied:
Verify Telnet service is disabled or requires proper authentication.📡 Detection & Monitoring
Log Indicators:
- Successful Telnet logins from unexpected IP addresses
- Multiple failed Telnet authentication attempts
Network Indicators:
- Telnet connections to device port 23 from unauthorized sources
- Unusual outbound connections from device
SIEM Query:
source_ip=* AND destination_port=23 AND protocol=TCP AND event_type=authentication_success