Details of VAR-202505-1691

ID

VAR-202505-1691

CVE

CVE-2025-4749

TITLE

D-Link Systems, Inc. of di-7003g Improper Shutdown and Release of Resources in Firmware Vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2025-006206

DESCRIPTION

A vulnerability classified as critical was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This vulnerability affects the function sub_4983B0 of the file /H5/backup.asp?opt=reset of the component Factory Reset Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. D-Link Systems, Inc. of di-7003g A vulnerability exists in firmware related to improper shutdown and release of resources.Service operation interruption (DoS) It may be in a state. D-Link DI-7003GV2 is a router from D-Link, a Chinese company

Trust: 2.16

sources: NVD: CVE-2025-4749 // JVNDB: JVNDB-2025-006206 // CNVD: CNVD-2025-10950

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2025-10950

AFFECTED PRODUCTS

vendor:	dlink	model:	di-7003g	scope:	eq	version:	24.04.18d1_r\(68125\)	Trust: 1.0
vendor:	d link	model:	di-7003g	scope:	-	version:	-	Trust: 0.8
vendor:	d link	model:	di-7003g	scope:	eq	version:	-	Trust: 0.8
vendor:	d link	model:	di-7003g	scope:	eq	version:	di-7003g firmware 24.04.18d1 r(68125)	Trust: 0.8
vendor:	d link	model:	di-7003gv2 24.04.18d1 r	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2025-10950 // JVNDB: JVNDB-2025-006206 // NVD: CVE-2025-4749

CVSS

SEVERITY

CVSSV2

CVSSV3

cna@vuldb.com:	CVE-2025-4749
value:	HIGH
Trust: 1.0
OTHER:	JVNDB-2025-006206
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2025-10950
value:	HIGH
Trust: 0.6

cna@vuldb.com:	CVE-2025-4749
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
OTHER:	JVNDB-2025-006206
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
CNVD:	CNVD-2025-10950
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6

cna@vuldb.com:	CVE-2025-4749
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	3.9
impactScore:	3.6
version:	3.1
Trust: 1.0
OTHER:	JVNDB-2025-006206
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector:	NETWORK
attackComplexity:	LOW
privilegesRequired:	NONE
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: CNVD: CNVD-2025-10950 // JVNDB: JVNDB-2025-006206 // NVD: CVE-2025-4749

PROBLEMTYPE DATA

problemtype:	CWE-404	Trust: 1.0
problemtype:	Improper shutdown and release of resources (CWE-404) [ others ]	Trust: 0.8

sources: JVNDB: JVNDB-2025-006206 // NVD: CVE-2025-4749

EXTERNAL IDS

db:	NVD	id:	CVE-2025-4749	Trust: 3.2
db:	VULDB	id:	309052	Trust: 1.8
db:	JVNDB	id:	JVNDB-2025-006206	Trust: 0.8
db:	CNVD	id:	CNVD-2025-10950	Trust: 0.6

sources: CNVD: CNVD-2025-10950 // JVNDB: JVNDB-2025-006206 // NVD: CVE-2025-4749

REFERENCES

url:	https://github.com/at0de/my_vulns/blob/main/dlink/di-7003gv2/backup.md	Trust: 2.4
url:	https://vuldb.com/?id.309052	Trust: 1.8
url:	https://vuldb.com/?submit.571068	Trust: 1.8
url:	https://www.dlink.com/	Trust: 1.8
url:	https://vuldb.com/?ctiid.309052	Trust: 1.0
url:	https://nvd.nist.gov/vuln/detail/cve-2025-4749	Trust: 0.8

sources: CNVD: CNVD-2025-10950 // JVNDB: JVNDB-2025-006206 // NVD: CVE-2025-4749

SOURCES

db:	CNVD	id:	CNVD-2025-10950
db:	JVNDB	id:	JVNDB-2025-006206
db:	NVD	id:	CVE-2025-4749

LAST UPDATE DATE

2025-06-05T23:13:35.765000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2025-10950	date:	2025-05-29T00:00:00
db:	JVNDB	id:	JVNDB-2025-006206	date:	2025-06-04T05:45:00
db:	NVD	id:	CVE-2025-4749	date:	2025-06-03T15:57:57.250

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2025-10950	date:	2025-05-29T00:00:00
db:	JVNDB	id:	JVNDB-2025-006206	date:	2025-06-04T00:00:00
db:	NVD	id:	CVE-2025-4749	date:	2025-05-16T05:15:38.103