CVE-2025-0481

A vulnerability classified as problematic has been found in D-Link DIR-878 1.03. Affected is an unknown function of the file /dllog.cgi of the component HTTP POST Request Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Published: Jan 15, 2025
Updated: Jul 17, 2025
CVE: CVE-2025-0481
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-200
CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
dlink / dir-878_firmware	1.03	1.03.x

https://github.com/abcdefg-png/IoT-vulnerable/blob/main/Unauthorized_Vulnerability/D-Link/DIR-878/dllog.md
https://vuldb.com/?ctiid.291924
https://vuldb.com/?id.291924
https://vuldb.com/?submit.475011
https://www.dlink.com/

Vulnerability Database

CVE-2025-0481

Deep Security Visibility Without the Complexity