Severity
High
Analysis Summary
CVE-2025-4978 CVSS:9.8
A vulnerability, which was classified as very critical, was found in Netgear DGND3700. This affects an unknown part of the file /BRS_top.html of the component Basic Authentication. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.
CVE-2025-4977 CVSS:5.3
A vulnerability, which was classified as problematic, has been found in Netgear DGND3700. Affected by this issue is some unknown functionality of the file /BRS_top.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.
Impact
- Gain Access
- Information Disclosure
Indicators of Compromise
CVE
CVE-2025-4978
CVE-2025-4977
Affected Vendors
- NETGEAR
Affected Products
- NETGEAR DGND3700 - 1.1.00.15_1.00.15NA
Remediation
Refer to NETGEAR Security Advisory for patch, upgrade, or suggested workaround information.