Severity
Medium
Analysis Summary
CVE-2025-4749 CVSS:7.5
D-Link DI-7003GV2 is vulnerable to a denial of service, caused by a flaw in function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler.
CVE-2025-4750 CVSS:5.3
D-Link DI-7003GV2 could allow a remote attacker to obtain sensitive information, caused by a flaw in the file /H5/get_version.data of the component Configuration Handler.
CVE-2025-4751 CVSS:5.3
D-Link DI-7003GV2 could allow a remote attacker to obtain sensitive information, caused by a flaw in the file /index.data.
CVE-2025-4752 CVSS:5.3
D-Link DI-7003GV2 could allow a remote attacker to obtain sensitive information, caused by a flaw in the file /install_base.data.
CVE-2025-4753 CVSS:5.3
D-Link DI-7003GV2 could allow a remote attacker to obtain sensitive information, caused by a flaw in the file /login.data.
CVE-2025-4755 CVSS:7.3
D-Link DI-7003GV2 could allow a remote attacker to bypass security restrictions, caused by improper authentication in function sub_497DE4 of the file /H5/netconfig.asp.
CVE-2025-4756 CVSS:5.3
D-Link DI-7003GV2 is vulnerable to a denial of service, caused by a flaw in the file /H5/restart.asp.
Impact
- Denial of Service
- Information Disclosure
- Security Bypass
Indicators of Compromise
CVE
CVE-2025-4749
CVE-2025-4750
CVE-2025-4751
CVE-2025-4752
CVE-2025-4753
CVE-2025-4755
CVE-2025-4756
Affected Vendors
- D-Link
Affected Products
- D-Link DI-7003GV2 - 24.04.18D1 R(68125)
Remediation
Refer to the D-Link Website for patch, upgrade, or suggested workaround information.