CVE-2025-4901 | D-Link DI-7003GV2 24.04.18D1 R(68125) HTTP Endpoint /H5/state_view.data sub_41E304 information disclosure

Inserito da Angelo Barbosa | Mag 17, 2025 | CVE

A vulnerability classified as problematic was found in D-Link DI-7003GV2 24.04.18D1 R(68125). Affected by this vulnerability is the function sub_41E304 of the file /H5/state_view.data of the component HTTP Endpoint. The manipulation leads to information disclosure.

This vulnerability is known as CVE-2025-4901. The attack can only be done within the local network. Furthermore, there is an exploit available.

It is recommended to apply restrictive firewalling.

CVE-2025-4901 | D-Link DI-7003GV2 24.04.18D1 R(68125) HTTP Endpoint /H5/state_view.data sub_41E304 information disclosure

Post correlati

CVE-2024-30926 | jeffpiazza DerbyNet 9.0 /inc/kiosks.inc address_for_current_kiosk id/address cross site scripting

CVE-2023-23639 | MainWP Staging Extension Plugin up to 4.0.3 on WordPress authorization

CVE-2025-23046 | GLPI up to 10.0.17 OauthIMAP Plugin incorrect implementation of authentication algorithm (GHSA-vfxc-qg3v-j2r5)

CVE-2024-2436 | Lightweight Accordion Plugin up to 1.5.16 on WordPress Shortcode cross site scripting