CVE-2025-4750

MEDIUM

Dlink Di-7003g Firmware - Information Disclosure

Title source: rule

Description

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component Configuration Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

References (5)

Core 5

Core References

Permissions Required, Third Party Advisory vdb-entry

https://vuldb.com/?id.309053

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.309053

Permissions Required, Third Party Advisory third-party-advisory

https://vuldb.com/?submit.571069

Exploit exploit

https://github.com/at0de/my_vulns/blob/main/Dlink/Di-7003GV2/get_version.md

View Exploit ZIP pw:eip

Product product

https://www.dlink.com/

Scores

CVSS v3 5.3

EPSS 0.0046

EPSS Percentile 64.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-284 CWE-200

Status published

Products (1)

dlink/di-7003g_firmware 24.04.18d1_r\(68125\)

Published May 16, 2025

Tracked Since Feb 18, 2026