CVE-2025-4903 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

May 19, 2025

CVE ID : CVE-2025-4903

Published : May 19, 2025, 1:15 a.m. | 1 hour, 32 minutes ago

Description : A vulnerability, which was classified as critical, was found in D-Link DI-7003GV2 24.04.18D1 R(68125). This affects the function sub_41F4F0 of the file /H5/webgl.asp?tggl_port=0&remote_management=0&http_passwd=game&exec_service=admin-restart. The manipulation leads to unverified password change. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-4904 – D-Link DI-7003GV2 Information Disclosure Vulnerability

Next Article CVE-2025-4902 – D-Link DI-7003GV2 Information Disclosure Vulnerability

Highlights

CVE-2025-46552 – GitHub KHC-INVITATION-AUTOMATION Unauthenticated User Data Disclosure

April 30, 2025

CVE ID : CVE-2025-46552

Published : April 29, 2025, 11:16 p.m. | 3 hours, 52 minutes ago

Description : KHC-INVITATION-AUTOMATION is a GitHub automation script that automatically invites followers of a bot account to join your organization. In some commits on version 1.2, a vulnerability was identified where user data, including email addresses and Discord usernames, were exposed in API responses without proper access controls. This allowed unauthorized users to access sensitive user information by directly calling specific endpoints. This issue has been patched in a later commit on version 1.2.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2025-4903 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

FBI Warns of Scattered Spider’s Expanding Attacks on Airlines Using Social Engineering

Can OpenAI’s mandatory week-long break fend off Meta’s $100 million talent grab? — “Someone has broken into our home”

Obsidian publishes Avowed roadmap, with the Xbox RPG getting arachnophobia mode, New Game Plus, and more

Apple doesn’t need better AI as much as AI needs Apple to bring its A-game

CVE-2025-46552 – GitHub KHC-INVITATION-AUTOMATION Unauthenticated User Data Disclosure

CVE-2025-30664 – Zoom Workplace App Path Traversal Vulnerability

The Nintendo Switch 2 has game sharing and a camera — sound familiar?

CVE-2025-6951 – SAFECAM X300 FTP Service Default Credentials Vulnerability

CVE-2025-4903 – D-Link DI-7003GV2 Authentication Bypass Vulnerability

Related Posts