CVE-2025-1800

Published Mar 1, 2025

Last updated 2 months ago

CVSS medium 5.3

Overview

Description
A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function get_ip_addr_details of the file /view/vpn/sxh_vpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipulation of the argument ethname leads to command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
Source
cna@vuldb.com
NVD status
Awaiting Analysis
CNA Tags
unsupported-when-assigned

Risk scores

CVSS 4.0

Type
Secondary
Base score
5.3
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Secondary
Base score
6.3
Impact score
3.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Severity
MEDIUM

CVSS 2.0

Type
Secondary
Base score
6.5
Impact score
6.4
Exploitability score
8
Vector string
AV:N/AC:L/Au:S/C:P/I:P/A:P

Weaknesses

cna@vuldb.com
CWE-74

Social media

Hype score
Not currently trending

  1. ๐Ÿšจ CVE-2025-1800 ๐ŸŸ  MEDIUM (5.3) ๐Ÿข D-Link - DAR-7000 ๐Ÿ—๏ธ 3.2 ๐Ÿ”— https://t.co/NNKhtngxIV ๐Ÿ”— https://t.co/p52rxvKDuf ๐Ÿ”— https://t.co/uPDnryJVfn ๐Ÿ”— https://t.co/Ve1K2giW7p ๐Ÿ”— https://t.co/sYyss3yo3N #CyberCron #VulnAlert #InfoSec @Dlink https://t.co/vuSN77vIzg

    @cybercronai

    3 Mar 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. ๐Ÿšจ CVE-2025-1800 ๐ŸŸ  MEDIUM (5.3) ๐Ÿข D-Link - DAR-7000 ๐Ÿ—๏ธ 3.2 ๐Ÿ”— https://t.co/NNKhtngxIV ๐Ÿ”— https://t.co/p52rxvKDuf ๐Ÿ”— https://t.co/uPDnryJVfn ๐Ÿ”— https://t.co/Ve1K2giW7p ๐Ÿ”— https://t.co/sYyss3yo3N #CyberCron #VulnAlert #InfoSec https://t.co/yLrSkEHfAi

    @cybercronai

    2 Mar 2025

    102 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    1 Quote

  3. CVE-2025-1800 A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This vulnerability affects the function get_ip_addr_details of the file /view/vpn/sxh_โ€ฆ https://t.co/Y3yG20vVDv

    @CVEnew

    1 Mar 2025

    60 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.