CVE-2025-4749: Denial of Service in D-Link DI-7003GV2

Severity: High
Type: Vulnerability
Published: Fri May 16 2025 (05/16/2025, 05:00:09 UTC)
Source: CVE
Vendor/Project: D-Link
Product: DI-7003GV2

Description

A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This vulnerability affects the function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/11/2025, 23:18:23 UTC

Technical Analysis

CVE-2025-4749 is a critical vulnerability identified in the D-Link DI-7003GV2 router, specifically affecting firmware version 24.04.18D1 R(68125). The vulnerability resides in the Factory Reset Handler component, within the function sub_4983B0 of the /H5/backup.asp?opt=reset endpoint. An attacker can exploit this flaw remotely, without any authentication or user interaction, by sending crafted requests to this endpoint. Successful exploitation leads to a denial of service (DoS) condition that disrupts the normal operation of the device. The vulnerability has a CVSS 4.0 base score of 8.7, indicating high severity, with a network attack vector (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N). There is no impact on confidentiality or integrity; the impact is limited to availability, which is rated high (VA:H). The scope is unchanged. No exploitation has been observed in the wild so far, although the exploit details have been publicly disclosed. Attackers could use this vulnerability to disrupt network connectivity or the availability of services that rely on the affected router, potentially impacting business continuity and network reliability.

Potential Impact

For European organizations, this vulnerability poses a significant risk to network infrastructure stability, especially for those relying on the D-Link DI-7003GV2 router model. A successful DoS attack could interrupt internet access, intranet communications, or critical services dependent on this device, leading to operational downtime and potential financial losses. Sectors such as telecommunications, small and medium enterprises, and critical infrastructure operators using this router could face service degradation or outages. Additionally, the lack of authentication and user interaction requirements lowers the barrier for attackers, increasing the likelihood of exploitation. Given the public disclosure of the exploit, threat actors may develop automated attack tools targeting vulnerable devices, amplifying the risk. The impact extends beyond immediate service disruption, as repeated or prolonged outages could affect customer trust, regulatory compliance, and incident response resources.

Mitigation Recommendations

Organizations should immediately verify if they are using the D-Link DI-7003GV2 router with the affected firmware version 24.04.18D1 R(68125). In the absence of an official patch (none currently linked), the following specific mitigations are recommended:

1) Restrict access to the router’s management interface and the /H5/backup.asp endpoint by implementing network segmentation and firewall rules to block unauthorized external traffic.
2) Disable remote management features if not required, or limit them to trusted IP addresses only.
3) Monitor network traffic for unusual requests targeting the /H5/backup.asp?opt=reset endpoint and set up alerts for potential exploitation attempts.
4) Consider deploying intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics to detect exploitation patterns related to this vulnerability.
5) Engage with D-Link support for firmware updates or patches and plan for timely firmware upgrades once available.
6) As a temporary measure, consider replacing vulnerable devices with alternative hardware if critical services depend on uninterrupted availability.
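
One way to implement the monitoring in recommendation 3, as an added example that is not part of the original advisory or any D-Link tooling: it scans access logs from a proxy or sensor in front of the router for requests to /H5/backup.asp with opt=reset and flags the ones from outside the management network. The Combined Log Format input, the trusted subnet 10.0.50.0/24 and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, unquote

# Assumption: only this management subnet should ever reach the router UI.
TRUSTED_NETS = [ipaddress.ip_network("10.0.50.0/24")]

# Combined Log Format: client, identity, user, [timestamp], "request line", status.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" \d{3}'
)

def is_reset_request(target):
    """True when the request target is /H5/backup.asp with opt=reset."""
    path, _, query = target.partition("?")
    # Normalise percent-encoding, case and repeated slashes so rewritten
    # forms of the same target still match (deliberately conservative).
    path = re.sub(r"/+", "/", unquote(path)).lower()
    if path != "/h5/backup.asp":
        return False
    return any(k.lower() == "opt" and v.lower() == "reset"
               for k, v in parse_qsl(query, keep_blank_values=True))

def find_alerts(lines):
    """Return one alert dict per logged request to the factory-reset handler."""
    alerts = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m or not is_reset_request(m["target"]):
            continue
        try:
            trusted = any(ipaddress.ip_address(m["src"]) in n for n in TRUSTED_NETS)
        except ValueError:
            trusted = False  # hostname or garbage in the client field
        alerts.append({"src": m["src"], "ts": m["ts"], "trusted": trusted})
    return alerts

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [16/May/2025:06:01:12 +0000] "GET /H5/backup.asp?opt=reset HTTP/1.1" 200 0',
    '10.0.50.12 - - [16/May/2025:06:03:40 +0000] "GET /H5/backup.asp?opt=reset HTTP/1.1" 200 0',
    '198.51.100.9 - - [16/May/2025:06:04:02 +0000] "GET /h5/%62ackup.asp?x=1&OPT=Reset HTTP/1.1" 200 0',
    '203.0.113.7 - - [16/May/2025:06:05:00 +0000] "GET /H5/backup.asp?opt=other HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for a in find_alerts(SAMPLE_LOG):
        print("review" if a["trusted"] else "ALERT", a["src"], a["ts"])
```

Requests from the trusted subnet are still reported, marked for review, because a factory reset is rarely routine even when an administrator triggers it.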

Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-05-15T09:02:59.051Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682cd0f91484d88663aebdb9

Added to database: 5/20/2025, 6:59:05 PM

Last enriched: 7/11/2025, 11:18:23 PM

Last updated: 8/16/2025, 9:55:30 AM
