D-Link DI-7003GV2 Denial-of-Service Vulnerability via Authentication Bypass
Vulnerability
An authentication bypass vulnerability has been identified in the D-Link DI-7003GV2 router, firmware version 24.04.18D1 R(68125). It allows remote attackers to access the /H5/restart.asp page without authentication, causing a denial-of-service condition by forcing the device to restart. The issue has been publicly disclosed, and a proof-of-concept exploit is available.
Impact
Exploitation of this vulnerability causes the device to reboot, disrupting service and temporarily denying access until the restart is complete.
Reproduction
The vulnerability can be reproduced by sending a crafted HTTP request to the /H5/restart.asp endpoint. This can be automated with the available public exploit, which is hosted on GitHub.
Remediation
It is recommended to implement proper firewall rules to block unauthorized access to the vulnerable endpoint.
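To confirm that such a rule is effective, logs from an upstream gateway or reverse proxy can be checked for requests to the restart endpoint that originate outside the management network. The script below is an added example, not part of the original advisory or any D-Link tooling; the combined log format, the 192.168.0.0/24 management subnet, the sample log lines and the case-insensitive path normalization are assumptions.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

RESTART_PATH = "/h5/restart.asp"  # endpoint named in the advisory, lower-cased
# Assumption: hosts allowed to manage the router (constructed subnet).
ADMIN_NETS = [ipaddress.ip_network("192.168.0.0/24")]

# Common/combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def normalize(target):
    """Drop the query string, decode %xx, collapse // and ./, lower-case."""
    path = unquote(target.split("?", 1)[0])
    return posixpath.normpath("/" + path.lstrip("/")).lower()

def is_admin(src):
    """True if src is an IP address inside one of ADMIN_NETS."""
    try:
        addr = ipaddress.ip_address(src)
    except ValueError:
        return False  # hostnames or malformed values are never trusted
    return any(addr in net for net in ADMIN_NETS)

def find_restart_hits(lines):
    """Return (timestamp, source, status) for restart requests from non-admin hosts."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and normalize(m["target"]) == RESTART_PATH and not is_admin(m["src"]):
            hits.append((m["ts"], m["src"], int(m["status"])))
    return hits

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE = [
    '203.0.113.7 - - [12/May/2024:10:01:02 +0000] "GET /H5/restart.asp HTTP/1.1" 200 512',
    '192.168.0.10 - - [12/May/2024:10:05:00 +0000] "GET /H5/restart.asp HTTP/1.1" 200 512',
    '198.51.100.23 - - [12/May/2024:10:07:41 +0000] "GET /h5/%72estart.asp?t=1 HTTP/1.1" 200 512',
    '203.0.113.7 - - [12/May/2024:10:09:13 +0000] "GET /index.html HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ts, src, status in find_restart_hits(SAMPLE):
        print(f"{ts} restart.asp requested by non-admin host {src} (HTTP {status})")
```

Any hit after the firewall rule is in place means the endpoint is still reachable from outside the management network.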
