CVE-2025-4904 is an information disclosure vulnerability identified in the D-Link DI-7003GV2 router, specifically affecting firmware version 24.04.18D1 R(68125). The vulnerability resides in the function sub_41F0FC within the /H5/webgl.data file. This flaw allows an unauthenticated remote attacker to manipulate the vulnerable function, leading to unauthorized disclosure of sensitive information. The vulnerability is remotely exploitable without requiring any user interaction or prior authentication, which increases its risk profile. The CVSS v4.0 base score is 6.9, categorizing it as a medium severity issue. The vector string indicates the attack vector is network-based (AV:N), with low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The impact is limited to confidentiality (VC:L) with no impact on integrity or availability. Although no known exploits are currently observed in the wild, the public disclosure of the exploit code increases the likelihood of exploitation attempts. The vulnerability could allow attackers to extract sensitive configuration data or other information that could facilitate further attacks or reconnaissance against the affected device or network. Given the critical role of routers in network infrastructure, such information disclosure could undermine network security posture if leveraged effectively.

For European organizations, the impact of CVE-2025-4904 could be significant, especially for those relying on the D-Link DI-7003GV2 router in their network infrastructure. Information disclosure vulnerabilities can lead to leakage of sensitive configuration details, network topology, or credentials, which attackers can use to escalate attacks, conduct targeted intrusions, or bypass security controls. This risk is heightened in sectors with stringent data protection requirements such as finance, healthcare, and government institutions across Europe. Additionally, organizations with remote or distributed networks using this router model may face increased exposure due to the remote exploitability of the vulnerability. While the vulnerability does not directly affect system integrity or availability, the confidentiality breach can facilitate subsequent attacks that may compromise these aspects. The medium severity rating suggests a moderate but non-trivial risk, warranting prompt attention to prevent exploitation, especially in environments where network devices are exposed to untrusted networks or the internet.

To mitigate CVE-2025-4904 effectively, European organizations should first verify if they are using the affected D-Link DI-7003GV2 firmware version 24.04.18D1 R(68125). Immediate steps include: 1) Checking for and applying any official firmware updates or patches released by D-Link addressing this vulnerability. If no patch is available, consider contacting D-Link support for guidance or firmware upgrade timelines. 2) Restricting remote access to the router's management interfaces by implementing network segmentation and firewall rules to limit access only to trusted internal networks or VPN connections. 3) Disabling any unnecessary remote management features or services that expose the vulnerable function. 4) Monitoring network traffic for unusual or suspicious activity targeting the router, especially attempts to access the /H5/webgl.data endpoint or related functions. 5) Employing intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics capable of detecting exploitation attempts once such signatures become available. 6) As a longer-term measure, consider replacing affected devices with models that have a stronger security track record and receive regular security updates. These targeted actions go beyond generic advice by focusing on the specific vulnerable component and attack vector.