CVE-2025-34048

HIGH EXPLOITED

D-Link DSL-2730U/2750U/2750E - Path Traversal

Title source: llm

Exploitation Summary

CVE-2025-34048 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Todor Donev.

AI-analyzed exploit summary This script exploits a remote file disclosure vulnerability in D-Link ADSL routers (DSL-2730U/DSL-2750E) by sending a crafted HTTP request to retrieve sensitive files like /etc/shadow. The exploit leverages a path traversal flaw in the webproc CGI binary.

Description

A path traversal vulnerability exists in the web management interface of D-Link DSL-2730U, DSL-2750U, and DSL-2750E ADSL routers with firmware versions IN_1.02, SEA_1.04, and SEA_1.07. The vulnerability is due to insufficient input validation on the getpage parameter within the /cgi-bin/webproc CGI script. This flaw allows an unauthenticated remote attacker to perform path traversal attacks by supplying crafted requests, enabling arbitrary file read on the affected device. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-04 UTC.

Exploits (1)

exploitdb WORKING POC

by Todor Donev · bashremotehardware

https://www.exploit-db.com/exploits/40735

View Code ZIP pw:eip

This script exploits a remote file disclosure vulnerability in D-Link ADSL routers (DSL-2730U/DSL-2750E) by sending a crafted HTTP request to retrieve sensitive files like /etc/shadow. The exploit leverages a path traversal flaw in the webproc CGI binary.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: D-Link DSL-2730U/DSL-2750E Firmware IN_1.02/SEA_1.04/SEA_1.07

No auth needed

Prerequisites: network access to the target router · CGI endpoint exposed to the internet

MITRE ATT&CK

T1005 - Data from Local System T1083 - File and Directory Discovery

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4

Core References

Various Sources exploit

https://github.com/threat9/routersploit/blob/master/routersploit/modules/exploits/routers/dlink/dsl_2730_2750_path_traversal.py

View Writeup ZIP pw:eip

Various Sources product

https://www.dlink.com

Third Party Advisory third-party-advisory

https://vulncheck.com/advisories/dlink-dsl-routers-path-traversal-file-read

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/40735

Scores

CVSS v4 8.7

EPSS 0.0061

EPSS Percentile 70.4%

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

VulnCheck KEV 2025-06-26

CWE

CWE-22

Status published

Products (5)

D-Link/DSL-2730U IN_1.02

D-Link/DSL-2750E SEA_1.04

D-Link/DSL-2750E SEA_1.07

D-Link/DSL-2750U SEA_1.04

D-Link/DSL-2750U SEA_1.07

Published Jun 26, 2025

Tracked Since Feb 18, 2026