CVE-2025-4750

MEDIUM

D-Link DI-7003GV2 24.04.18D1 R(68125) - Information Disclosure in Configuration Handler

Title source: llm

Description

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component Configuration Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

References (5)

Core 5

Core References

Permissions Required, Third Party Advisory vdb-entry

https://vuldb.com/?id.309053

Permissions Required, VDB Entry signature permissions-required

https://vuldb.com/?ctiid.309053

Permissions Required, Third Party Advisory third-party-advisory

https://vuldb.com/?submit.571069

Exploit exploit

https://github.com/at0de/my_vulns/blob/main/Dlink/Di-7003GV2/get_version.md

View Exploit ZIP pw:eip

Product product

https://www.dlink.com/

Scores

CVSS v3 5.3

EPSS 0.0092

EPSS Percentile 55.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-200 CWE-284

Status published

Products (1)

dlink/di-7003g_firmware 24.04.18d1_r\(68125\)

Published May 16, 2025

Tracked Since Feb 18, 2026