Skip to main content

CVE-2025-4756: Denial of Service in D-Link DI-7003GV2

Medium
VulnerabilityCVE-2025-4756cvecve-2025-4756
Published: Fri May 16 2025 (05/16/2025, 07:31:05 UTC)
Source: CVE
Vendor/Project: D-Link
Product: DI-7003GV2

Description

A vulnerability was found in D-Link DI-7003GV2 24.04.18D1 R(68125). It has been declared as problematic. This vulnerability affects unknown code of the file /H5/restart.asp. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

AILast updated: 07/11/2025, 23:18:49 UTC

Technical Analysis

CVE-2025-4756 is a medium-severity vulnerability identified in the D-Link DI-7003GV2 router, specifically affecting firmware version 24.04.18D1 R(68125). The vulnerability resides in an unspecified portion of the /H5/restart.asp file, which is part of the device's web interface. Exploitation of this flaw allows an unauthenticated remote attacker to trigger a denial of service (DoS) condition. The attack vector requires no user interaction, privileges, or authentication, and can be initiated over the network, making it accessible to any attacker with network access to the device. The vulnerability leads to a disruption of service, likely by causing the device to crash or restart, thereby interrupting network connectivity for users relying on the affected router. Although the exact technical mechanism is not detailed, the endpoint /H5/restart.asp suggests the vulnerability may be related to improper handling of restart commands or parameters, which can be manipulated to destabilize the device. The CVSS 4.0 base score of 6.9 reflects a medium severity, considering the ease of exploitation and the impact on availability, with no impact on confidentiality or integrity. No patches or fixes have been publicly linked yet, and no known exploits are reported in the wild, but public disclosure of the exploit code increases the risk of active exploitation.

Potential Impact

For European organizations, the impact of this vulnerability primarily concerns availability and operational continuity. Organizations using the D-Link DI-7003GV2 router in their network infrastructure may experience service interruptions if targeted by attackers exploiting this flaw. This can disrupt internet access, internal communications, and critical business operations dependent on network connectivity. Sectors with high reliance on continuous network uptime, such as finance, healthcare, manufacturing, and public services, could face operational delays and potential financial losses. Additionally, denial of service attacks can be leveraged as part of larger multi-vector attacks or to create distractions while other attacks are executed. Given the remote and unauthenticated nature of the exploit, attackers could launch attacks from anywhere, increasing the threat surface. However, since the vulnerability does not allow data compromise or privilege escalation, the impact on confidentiality and integrity is minimal.

Mitigation Recommendations

To mitigate this vulnerability, European organizations should first identify any deployment of the D-Link DI-7003GV2 router running the affected firmware version 24.04.18D1 R(68125). Immediate steps include isolating these devices from untrusted networks or restricting access to the management interface to trusted IP addresses only. Network segmentation can limit exposure. Organizations should monitor network traffic for unusual requests to /H5/restart.asp and implement intrusion detection/prevention systems (IDS/IPS) with custom signatures to detect and block exploitation attempts. Since no official patch is currently available, contacting D-Link support for firmware updates or advisories is critical. If possible, upgrading to a newer, unaffected firmware version or replacing the device with a more secure model is recommended. Additionally, organizations should maintain robust network monitoring and incident response plans to quickly identify and respond to any denial of service incidents. Regular backups and redundancy in network infrastructure can help maintain service continuity during attacks.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulDB
Date Reserved
2025-05-15T09:03:14.927Z
Cisa Enriched
true
Cvss Version
4.0
State
PUBLISHED

Threat ID: 682cd0f91484d88663aebdbd

Added to database: 5/20/2025, 6:59:05 PM

Last enriched: 7/11/2025, 11:18:49 PM

Last updated: 7/31/2025, 2:53:30 PM

Views: 13

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats