Which versions of Dgnd3700 Firmware are affected by CVE-2025-4977?

CVE-2025-4977 presents notable security risk, a information exposure vulnerability rated CVSS 6.9. Sensitive information could be exposed to unauthorized parties.

Is there a public PoC exploit available for CVE-2025-4977?

Yes, a public proof-of-concept exploit is available for CVE-2025-4977. Prioritise patching immediately. EPSS: 0.2%.

How to fix or mitigate CVE-2025-4977?

Within 7 days: Identify affected systems and apply vendor patches promptly. Review data exposure and access controls.

Dgnd3700 Firmware CVE-2025-4977

Q: What is the CVSS score of CVE-2025-4977?

CVE-2025-4977 has a CVSS 4.0 base score of 6.9 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.2%.

MEDIUM

Information Exposure (CWE-200)

2025-05-20 cna@vuldb.com

Information Disclosure Netgear Dgnd3700 Firmware

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:42 vuln.today

PoC Detected

Jun 12, 2025 - 16:22 vuln.today

Public exploit code

CVE Published

May 20, 2025 - 13:15 nvd

MEDIUM 6.9

DescriptionNVD

A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. Affected by this issue is some unknown functionality of the file /BRS_top.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.

AnalysisAI

A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. A vulnerability, which was classified as problematic, has been found in Netgear DGND3700 1.1.00.15_1.00.15NA. Affected by this issue is some unknown functionality of the file /BRS_top.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure. Affected products include: Netgear Dgnd3700 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

CVE-2025-4977 vulnerability details – vuln.today

Back

Dgnd3700 Firmware CVE-2025-4977

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

Dgnd3700 Firmware CVE-2025-4977

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code