CVE-2025-4901

May 18, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-4901
Type cve
Published 2025-05-19T00:15:17
Last Seen 2025-05-19T00:21:51

CVSS Information

Base Score 4.3 (MEDIUM)
Attack Vector ADJACENT
Attack Complexity LOW
Privileges Required NONE
User Interaction NONE
Scope UNCHANGED
Confidentiality Impact LOW
Integrity Impact NONE
Availability Impact NONE

AI Analysis

AI Description A vulnerability in D-Link DI-7003GV2 24.04.18D1 R(68125) allows adjacent network attackers to obtain sensitive information via the /H5/state_view.data HTTP endpoint. The issue is due to improper access controls in the function sub_41E304, potentially exposing system state information to unauthorized users.
AI Severity Medium
Vendor D-Link
Product DI-7003GV2
Affected Version 24.04.18D1 R(68125)

Additional Information

CVE List CVE-2025-4901
CWE List CWE-200, CWE-284
Bulletin Family cve

Description

A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected by this vulnerability is the function sub_41E304 of the file /H5/state_view.data of the component HTTP Endpoint. The…

CVSS Score Summary

Base Score: %!f(string=#) (MEDIUM)

View Full CVE Details

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.