Information Disclosure Vulnerability in D-Link DIR-878 Router
CVE-2025-0481

6.9MEDIUM

Key Information:

Vendor: D-link
Status: Dir-878
Vendor: CVE Published:; 15 January 2025

Badges

👾 Exploit Exists

What is CVE-2025-0481?

A vulnerability has been identified in the D-Link DIR-878 router version 1.03, specifically within the file /dllog.cgi of the HTTP POST Request Handler. This issue allows attackers to exploit improper access controls to gain unauthorized access to sensitive information remotely. The flaw can potentially expose critical data, leading to privacy concerns. The exploitation of this vulnerability has been publicly disclosed, warning users to take precautionary measures to safeguard their networks.

Affected Version(s)

DIR-878 1.03

References

https://vuldb.com/?id.291924

vdb-entry

https://vuldb.com/?ctiid.291924

signaturepermissions-required

https://vuldb.com/?submit.475011

third-party-advisory

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Jan 15, 2025
Vulnerability published
Jan 15, 2025
Vulnerability Reserved
Jan 15, 2025

Credit

wxhwxhwxh_tutu (VulDB User)

D-link

Badges

What is CVE-2025-0481?

Affected Version(s)

References

CVSS V4

Timeline

Credit