CVE-2025-4750

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component Configuration Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
References
Link Resource
https://github.com/at0de/my_vulns/blob/main/Dlink/Di-7003GV2/get_version.md Exploit
https://vuldb.com/?ctiid.309053 Permissions Required VDB Entry
https://vuldb.com/?id.309053 Permissions Required Third Party Advisory
https://vuldb.com/?submit.571069 Permissions Required Third Party Advisory
https://www.dlink.com/ Product
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:dlink:di-7003g_firmware:24.04.18d1_r\(68125\):*:*:*:*:*:*:*
cpe:2.3:h:dlink:di-7003g:v2:*:*:*:*:*:*:*

History

03 Jun 2025, 15:57

Type Values Removed Values Added
References () https://github.com/at0de/my_vulns/blob/main/Dlink/Di-7003GV2/get_version.md - () https://github.com/at0de/my_vulns/blob/main/Dlink/Di-7003GV2/get_version.md - Exploit
References () https://vuldb.com/?ctiid.309053 - () https://vuldb.com/?ctiid.309053 - Permissions Required, VDB Entry
References () https://vuldb.com/?id.309053 - () https://vuldb.com/?id.309053 - Permissions Required, Third Party Advisory
References () https://vuldb.com/?submit.571069 - () https://vuldb.com/?submit.571069 - Permissions Required, Third Party Advisory
References () https://www.dlink.com/ - () https://www.dlink.com/ - Product
CWE NVD-CWE-Other
First Time Dlink di-7003g
Dlink di-7003g Firmware
Dlink
CPE cpe:2.3:o:dlink:di-7003g_firmware:24.04.18d1_r\(68125\):*:*:*:*:*:*:*
cpe:2.3:h:dlink:di-7003g:v2:*:*:*:*:*:*:*

16 May 2025, 14:42

Type Values Removed Values Added
Summary
  • (es) Se ha detectado una vulnerabilidad clasificada como problemática en D-Link DI-7003GV2 24.04.18D1 R(68125). Este problema afecta a un procesamiento desconocido del archivo /H5/get_version.data del componente Configuration Handler. La manipulación provoca la divulgación de información. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado.

16 May 2025, 06:15

Type Values Removed Values Added
New CVE

Information

Published : 2025-05-16 06:15

Updated : 2025-06-03 15:57


NVD link : CVE-2025-4750

Mitre link : CVE-2025-4750

CVE.ORG link : CVE-2025-4750


JSON object : View

Products Affected

dlink

  • di-7003g
  • di-7003g_firmware
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

CWE-284

Improper Access Control

NVD-CWE-Other