CVE-2025-4750 — Sensitive Information Exposure in D-link Di-7003gv2

CWE-200 — Sensitive Information Exposure CWE-284 — Improper Access Control CWE-416 — Use After Free4 documents4 sources

Severity

6.9MEDIUMNVD

EPSS

0.5%

top 36.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

D-link Di-7003gv2 Dlink Di-7003g Firmware

Timeline

PublishedMay 16

Description

A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component Configuration Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Affected Packages2 packages

▶CVEListV5d-link/di-7003gv224.04.18D1 R(68125)

▶NVDdlink/di-7003g_firmware24.04.18d1_r\(68125\)

🔴Vulnerability Details

CVEList

D-Link DI-7003GV2 Configuration get_version.data information disclosure↗2025-05-16

▶

GHSA

GHSA-m8rm-wxxp-wcc5: A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24↗2025-05-16

▶

📋Vendor Advisories

Microsoft

Use After Free in vim/vim↗2023-09-12

▶