D-Link DI-7003GV2 Unverified Password Change Vulnerability in Web Management Interface

Vulnerability

A critical vulnerability exists in the D-Link DI-7003GV2 router, specifically in version 24.04.18D1 R(68125). The issue is located in the web management interface, within the 'webgl.asp' file. The vulnerability allows for an unverified password change by exploiting a specific function, 'sub_41F4F0'. This issue can be triggered remotely, potentially leading to unauthorized access or management of the device.

Impact

Exploitation of this vulnerability allows for unauthorized password changes, which could lead to unauthorized access or control over the affected device.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

8.7

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

D-Link DI-7003GV2 Unverified Password Change Vulnerability in Web Management Interface

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating