CVE-2025-4751: Information Disclosure in D-Link DI-7003GV2
A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected is an unknown function of the file /index.data. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-4751 is a medium-severity information disclosure vulnerability affecting the D-Link DI-7003GV2 router, specifically version 24.04.18D1 R(68125). The vulnerability arises from an unknown function related to the /index.data file, which can be manipulated remotely without any authentication or user interaction. This manipulation leads to unauthorized disclosure of information, potentially exposing sensitive data stored or processed by the device. The vulnerability has a CVSS 4.0 base score of 6.9, reflecting a network attack vector with low attack complexity and no privileges or user interaction required. The impact is limited to confidentiality, with no direct effect on integrity or availability. Although the exact nature of the disclosed information is unspecified, such leaks can aid attackers in reconnaissance or facilitate further exploitation. No patches or mitigations have been publicly linked yet, and while no exploits are currently known to be in the wild, the public disclosure of the exploit code increases the risk of exploitation.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to those using the affected D-Link DI-7003GV2 routers in their network infrastructure. Information disclosure can lead to leakage of configuration details, network topology, or credentials, which attackers can leverage to escalate attacks or gain unauthorized access. This is particularly concerning for small and medium enterprises or branch offices relying on this router model for internet connectivity or VPN termination. The exposure could compromise confidentiality of internal communications or sensitive operational data. Given the remote exploitability without authentication, attackers can target vulnerable devices directly over the internet, increasing the attack surface. While the impact does not directly affect system availability or integrity, the indirect consequences of leaked information could lead to more severe attacks. European organizations with limited network segmentation or outdated device inventories are at higher risk.
Mitigation Recommendations
1. Immediate network-level mitigation should include restricting remote access to the affected router's management interfaces, especially blocking access to the /index.data endpoint from untrusted networks. 2. Implement network segmentation to isolate vulnerable devices from critical assets. 3. Monitor network traffic for unusual requests targeting the router, particularly those attempting to access /index.data or other sensitive endpoints. 4. Regularly audit and update router firmware; although no patch is currently linked, organizations should stay alert for vendor updates addressing this vulnerability. 5. Employ intrusion detection/prevention systems (IDS/IPS) with signatures for this CVE once available. 6. Replace or upgrade affected devices if feasible, especially in high-risk environments. 7. Educate IT staff about this vulnerability to ensure timely response and mitigation.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
CVE-2025-4751: Information Disclosure in D-Link DI-7003GV2
Description
A vulnerability, which was classified as problematic, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected is an unknown function of the file /index.data. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
AI-Powered Analysis
Technical Analysis
CVE-2025-4751 is a medium-severity information disclosure vulnerability affecting the D-Link DI-7003GV2 router, specifically version 24.04.18D1 R(68125). The vulnerability arises from an unknown function related to the /index.data file, which can be manipulated remotely without any authentication or user interaction. This manipulation leads to unauthorized disclosure of information, potentially exposing sensitive data stored or processed by the device. The vulnerability has a CVSS 4.0 base score of 6.9, reflecting a network attack vector with low attack complexity and no privileges or user interaction required. The impact is limited to confidentiality, with no direct effect on integrity or availability. Although the exact nature of the disclosed information is unspecified, such leaks can aid attackers in reconnaissance or facilitate further exploitation. No patches or mitigations have been publicly linked yet, and while no exploits are currently known to be in the wild, the public disclosure of the exploit code increases the risk of exploitation.
Potential Impact
For European organizations, this vulnerability poses a risk primarily to those using the affected D-Link DI-7003GV2 routers in their network infrastructure. Information disclosure can lead to leakage of configuration details, network topology, or credentials, which attackers can leverage to escalate attacks or gain unauthorized access. This is particularly concerning for small and medium enterprises or branch offices relying on this router model for internet connectivity or VPN termination. The exposure could compromise confidentiality of internal communications or sensitive operational data. Given the remote exploitability without authentication, attackers can target vulnerable devices directly over the internet, increasing the attack surface. While the impact does not directly affect system availability or integrity, the indirect consequences of leaked information could lead to more severe attacks. European organizations with limited network segmentation or outdated device inventories are at higher risk.
Mitigation Recommendations
1. Immediate network-level mitigation should include restricting remote access to the affected router's management interfaces, especially blocking access to the /index.data endpoint from untrusted networks. 2. Implement network segmentation to isolate vulnerable devices from critical assets. 3. Monitor network traffic for unusual requests targeting the router, particularly those attempting to access /index.data or other sensitive endpoints. 4. Regularly audit and update router firmware; although no patch is currently linked, organizations should stay alert for vendor updates addressing this vulnerability. 5. Employ intrusion detection/prevention systems (IDS/IPS) with signatures for this CVE once available. 6. Replace or upgrade affected devices if feasible, especially in high-risk environments. 7. Educate IT staff about this vulnerability to ensure timely response and mitigation.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-05-15T09:03:04.064Z
- Cisa Enriched
- true
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 682cd0fa1484d88663aebf12
Added to database: 5/20/2025, 6:59:06 PM
Last enriched: 7/12/2025, 12:19:04 AM
Last updated: 8/2/2025, 10:39:34 PM
Views: 14
Related Threats
CVE-2025-8878: CWE-94 Improper Control of Generation of Code ('Code Injection') in properfraction Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress
MediumCVE-2025-8143: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in pencidesign Soledad
MediumCVE-2025-8142: CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') in pencidesign Soledad
HighCVE-2025-8105: CWE-94 Improper Control of Generation of Code ('Code Injection') in pencidesign Soledad
HighCVE-2025-8719: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in reubenthiessen Translate This gTranslate Shortcode
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.