D-Link DI-7003GV2 24.04.18D1 HTTP EP info discl
CVE-2025-4901 Published on May 19, 2025
D-Link DI-7003GV2 HTTP Endpoint state_view.data sub_41E304 information disclosure
A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected by this vulnerability is the function sub_41E304 of the file /H5/state_view.data of the component HTTP Endpoint. The manipulation leads to information disclosure. The attack can only be done within the local network. The exploit has been disclosed to the public and may be used.
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Types
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2025-4901 has been classified to as an Information Disclosure vulnerability or weakness.
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2025-4901 has been classified to as an Authorization vulnerability or weakness.
Products Associated with CVE-2025-4901
Want to know whenever a new CVE is published for D-Link Di 7003g Firmware? stack.watch will email you.
Affected Versions
D-Link DI-7003GV2 Version 24.04.18D1 R(68125) is affected by CVE-2025-4901Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.