CVE-2025-4980

A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. This vulnerability affects unknown code of the file /currentsetting.htm of the component mini_http. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.

Published: May 20, 2025
Updated: Jun 13, 2025
CVE: CVE-2025-4980
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.3
AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWEs:

CWE-200
CWE-284

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
netgear / dgnd3700_firmware	1.1.00.15_1.00.15na	1.1.00.15_1.00.15na.x

https://github.com/at0de/my_vulns/blob/main/Netgear/DGND3700v2/currentsetting.md
https://vuldb.com/?ctiid.309640
https://vuldb.com/?id.309640
https://vuldb.com/?submit.564714
https://www.netgear.com/

Vulnerability Database

289,784

CVE-2025-4980