MEDIUM🇵🇱 Wersja polska

CVE-2025-4980

CVSS 6.9v4.0pub. 2025-05-20upd. 2025-06-12

A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. This vulnerability affects unknown code of the file /currentsetting.htm of the component mini_http. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Netgear Dgnd3700

    HW
    Netgear
    v2
  • Netgear Dgnd3700 Firmware

    OS
    Netgear
    1.1.00.15_1.00.15na
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-4978CRITICAL9.3PL ✓ten sam produkt

Netgear DGND3700 — pominięcie uwierzytelniania w /BRS_top.html

CVE-2019-17373CRITICAL9.8ten sam produkt

Certain NETGEAR devices allow unauthenticated access to critical .cgi and .htm pages via a substring ending wi...

CVE-2016-5649CRITICAL9.8ten sam produkt

A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, an...

CVE-2016-11059HIGH7.5ten sam produkt

Certain NETGEAR devices are affected by password exposure. This affects AC1450 before 2017-01-06, C6300 before...

CVE-2025-4977MEDIUM6.9ten sam produkt

A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. ...