CVE-2025-4750: Information Disclosure in D-Link DI-7003GV2
A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component Configuration Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-4750 is a medium-severity information disclosure vulnerability affecting the D-Link DI-7003GV2 router, specifically version 24.04.18D1 R(68125). The vulnerability arises from improper handling of requests to the /H5/get_version.data endpoint within the device's Configuration Handler component. An attacker can remotely exploit this flaw without requiring authentication or user interaction, leveraging the network accessibility of the device to retrieve sensitive information. Although the exact nature of the disclosed information is unspecified, such leaks typically include firmware version details, configuration parameters, or other internal data that could facilitate further attacks or reconnaissance. The vulnerability has been publicly disclosed, increasing the risk of exploitation, but no confirmed active exploitation in the wild has been reported to date. The CVSS 4.0 base score of 6.9 reflects a medium severity, driven by the vulnerability's network attack vector, low complexity, and lack of required privileges or user interaction, but limited impact confined to confidentiality with no direct integrity or availability consequences. The absence of a patch or mitigation details in the provided information suggests that affected users should prioritize monitoring and defensive measures until an official fix is released.
Potential Impact
For European organizations, the information disclosure vulnerability in the D-Link DI-7003GV2 router can have several implications. Disclosure of device configuration or firmware details can aid attackers in crafting targeted exploits or launching subsequent attacks such as privilege escalation, device takeover, or lateral movement within networks. Organizations relying on these routers for critical network infrastructure or IoT connectivity could face increased risk of network reconnaissance and compromise. Confidentiality breaches may expose internal network architecture or security configurations, undermining organizational security posture. While the vulnerability does not directly impact availability or integrity, the indirect consequences of information leakage could facilitate more severe attacks. Given the remote and unauthenticated nature of the exploit, attackers can operate stealthily, increasing the threat to enterprises, especially those with exposed or poorly segmented network environments. This risk is heightened in sectors with stringent data protection requirements under GDPR, where unauthorized data exposure can lead to regulatory penalties and reputational damage.
Mitigation Recommendations
1. Network Segmentation: Isolate D-Link DI-7003GV2 devices from critical network segments and restrict access to management interfaces to trusted internal networks only. 2. Access Controls: Implement firewall rules to block external access to the /H5/get_version.data endpoint and related management ports, minimizing exposure to remote attackers. 3. Monitoring and Logging: Enable detailed logging on network devices and monitor for unusual or repeated requests targeting the vulnerable endpoint to detect potential exploitation attempts early. 4. Firmware Updates: Regularly check for official firmware updates or security advisories from D-Link addressing this vulnerability and apply patches promptly once available. 5. Device Replacement: For high-risk environments, consider replacing affected devices with models that have no known vulnerabilities or have received timely security updates. 6. Incident Response Preparedness: Develop and test incident response plans that include procedures for handling information disclosure incidents and potential follow-on attacks. 7. Vendor Engagement: Engage with D-Link support channels to obtain guidance and timelines for remediation and to report any suspicious activity related to this vulnerability.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
CVE-2025-4750: Information Disclosure in D-Link DI-7003GV2
Description
A vulnerability, which was classified as problematic, has been found in D-Link DI-7003GV2 24.04.18D1 R(68125). This issue affects some unknown processing of the file /H5/get_version.data of the component Configuration Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
AI-Powered Analysis
Technical Analysis
CVE-2025-4750 is a medium-severity information disclosure vulnerability affecting the D-Link DI-7003GV2 router, specifically version 24.04.18D1 R(68125). The vulnerability arises from improper handling of requests to the /H5/get_version.data endpoint within the device's Configuration Handler component. An attacker can remotely exploit this flaw without requiring authentication or user interaction, leveraging the network accessibility of the device to retrieve sensitive information. Although the exact nature of the disclosed information is unspecified, such leaks typically include firmware version details, configuration parameters, or other internal data that could facilitate further attacks or reconnaissance. The vulnerability has been publicly disclosed, increasing the risk of exploitation, but no confirmed active exploitation in the wild has been reported to date. The CVSS 4.0 base score of 6.9 reflects a medium severity, driven by the vulnerability's network attack vector, low complexity, and lack of required privileges or user interaction, but limited impact confined to confidentiality with no direct integrity or availability consequences. The absence of a patch or mitigation details in the provided information suggests that affected users should prioritize monitoring and defensive measures until an official fix is released.
Potential Impact
For European organizations, the information disclosure vulnerability in the D-Link DI-7003GV2 router can have several implications. Disclosure of device configuration or firmware details can aid attackers in crafting targeted exploits or launching subsequent attacks such as privilege escalation, device takeover, or lateral movement within networks. Organizations relying on these routers for critical network infrastructure or IoT connectivity could face increased risk of network reconnaissance and compromise. Confidentiality breaches may expose internal network architecture or security configurations, undermining organizational security posture. While the vulnerability does not directly impact availability or integrity, the indirect consequences of information leakage could facilitate more severe attacks. Given the remote and unauthenticated nature of the exploit, attackers can operate stealthily, increasing the threat to enterprises, especially those with exposed or poorly segmented network environments. This risk is heightened in sectors with stringent data protection requirements under GDPR, where unauthorized data exposure can lead to regulatory penalties and reputational damage.
Mitigation Recommendations
1. Network Segmentation: Isolate D-Link DI-7003GV2 devices from critical network segments and restrict access to management interfaces to trusted internal networks only. 2. Access Controls: Implement firewall rules to block external access to the /H5/get_version.data endpoint and related management ports, minimizing exposure to remote attackers. 3. Monitoring and Logging: Enable detailed logging on network devices and monitor for unusual or repeated requests targeting the vulnerable endpoint to detect potential exploitation attempts early. 4. Firmware Updates: Regularly check for official firmware updates or security advisories from D-Link addressing this vulnerability and apply patches promptly once available. 5. Device Replacement: For high-risk environments, consider replacing affected devices with models that have no known vulnerabilities or have received timely security updates. 6. Incident Response Preparedness: Develop and test incident response plans that include procedures for handling information disclosure incidents and potential follow-on attacks. 7. Vendor Engagement: Engage with D-Link support channels to obtain guidance and timelines for remediation and to report any suspicious activity related to this vulnerability.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-05-15T09:03:01.687Z
- Cisa Enriched
- true
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 682cd0f91484d88663aebdbb
Added to database: 5/20/2025, 6:59:05 PM
Last enriched: 7/11/2025, 11:18:36 PM
Last updated: 8/15/2025, 12:18:32 PM
Views: 19
Related Threats
CVE-2025-3495: CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Delta Electronics COMMGR
CriticalCVE-2025-53948: CWE-415 Double Free in Santesoft Sante PACS Server
HighCVE-2025-52584: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-46269: CWE-122 Heap-based Buffer Overflow in Ashlar-Vellum Cobalt
HighCVE-2025-54862: CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') in Santesoft Sante PACS Server
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.