Physical Access Vulnerability in D-Link DIR-605L Router
CVE-2025-65731

Currently unrated

Key Information:

Vendor: D-Link
Status: DIR-605L Router
Vendor: CVE Published:; 8 January 2026

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2025-65731?

A physical access vulnerability exists in the D-Link DIR-605L Router that can be exploited by an attacker with direct access to the UART pins. This flaw permits the execution of arbitrary commands due to unregulated root terminal access on a serial interface. Without proper access controls, this could lead to unauthorized manipulation of the router's firmware and settings, posing a significant risk to network security.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-65731
Created by whitej3rry

References

https://www.dlink.com/en/security-bulletin/

https://www.dlink.com/uk/en/products/dir-605l-wireless-n-...

https://gist.github.com/whitej3rry/f142a93bac360f9b1126f5...

Timeline

🟡
Public PoC available
Jan 8, 2026
👾
Exploit known to exist
Jan 8, 2026
Vulnerability published
Jan 8, 2026
Vulnerability Reserved
Nov 18, 2025

JSON