OTPulse

Dingtian DT-R0 Series

Act Now | CVSS 9.8 | ICS-CERT ICSA-25-044-18 | Feb 13, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Dingtian DT-R series routers (DT-R002, DT-R008, DT-R016, DT-R032) contain an authentication bypass vulnerability that allows an unauthenticated attacker to modify device settings and gain administrator access. The vulnerability is classified as CWE-288 (authentication bypass using an alternate path). Dingtian has not responded to mitigation requests from CISA, and no firmware patch is currently available for any affected version.

What this means
What could happen
An unauthenticated attacker could modify device settings and gain administrator access to Dingtian DT-R series routers, potentially compromising network communications and control functions across your infrastructure.
Who's at risk
Water utilities and electric utilities using Dingtian DT-R series industrial routers (DT-R002, DT-R008, DT-R016, DT-R032) for SCADA network communications and remote access are affected. This is critical for any facility where these routers handle control traffic or provide remote connectivity to PLCs or RTUs.
How it could be exploited
An attacker on the network (or Internet if the device is exposed) sends a specially crafted request to the unauthenticated management interface of the DT-R device. The device accepts the request without verifying the attacker's credentials and grants administrative access, allowing configuration changes.
Prerequisites
  • Network access to the DT-R device management interface (typically port 80/443)
  • Device must be running one of the affected firmware versions (V3.1.3044A, V3.1.1759A, V3.1.2776A, V3.1.3826A)
  • No credentials required
remotely exploitable · no authentication required · low complexity · no patch available · critical CVSS score (9.8)
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (4)
4 EOL
Product | Affected Versions | Fix Status
DT-R002: V3.1.3044A | V3.1.3044A | No fix (EOL)
DT-R008: V3.1.1759A | V3.1.1759A | No fix (EOL)
DT-R016: V3.1.2776A | V3.1.2776A | No fix (EOL)
DT-R032: V3.1.3826A | V3.1.3826A | No fix (EOL)
Remediation & Mitigation
Do now
WORKAROUND: Immediately restrict network access to DT-R device management interfaces using firewall rules; only permit access from specific engineering workstations on your management network
WORKAROUND: Disable remote management access to DT-R devices from the Internet or untrusted networks
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HARDENING: Monitor DT-R devices for unexpected configuration changes or unauthorized access attempts
HOTFIX: Contact Dingtian customer support to track when a firmware patch will be available; evaluate migration to alternative router hardware if no fix timeline is provided
Mitigations - no patch available
The following products have reached End of Life with no planned fix: DT-R002: V3.1.3044A, DT-R008: V3.1.1759A, DT-R016: V3.1.2776A, DT-R032: V3.1.3826A. Apply the following compensating controls:
HARDENING: Segment DT-R routers and control system networks from business networks using firewalls and network isolation