Which versions of Dgnd3700 Firmware are affected by CVE-2025-4980?

Organizations using A vulnerability should be aware of notable risk from CVE-2025-4980, a information exposure vulnerability rated CVSS 6.9.

Is there a public PoC exploit available for CVE-2025-4980?

Yes, a public proof-of-concept exploit is available for CVE-2025-4980. Prioritise patching immediately. EPSS: 0.2%.

How to fix or mitigate CVE-2025-4980?

Within 7 days: Identify affected systems and apply vendor patches promptly. Review data exposure and access controls.

Dgnd3700 Firmware CVE-2025-4980

Q: What is the CVSS score of CVE-2025-4980?

CVE-2025-4980 has a CVSS 4.0 base score of 6.9 (Medium). CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X. EPSS exploitation probability: 0.2%.

MEDIUM

Information Exposure (CWE-200)

2025-05-20 cna@vuldb.com

Information Disclosure Netgear Dgnd3700 Firmware

6.9

CVSS 4.0

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Lifecycle Timeline

Analysis Generated

Mar 28, 2026 - 18:42 vuln.today

PoC Detected

Jun 12, 2025 - 16:21 vuln.today

Public exploit code

CVE Published

May 20, 2025 - 14:15 nvd

MEDIUM 6.9

DescriptionNVD

A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. This vulnerability affects unknown code of the file /currentsetting.htm of the component mini_http. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure.

AnalysisAI

A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. A vulnerability has been found in Netgear DGND3700 1.1.00.15_1.00.15NA and classified as problematic. This vulnerability affects unknown code of the file /currentsetting.htm of the component mini_http. The manipulation leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other products might be affected as well. The vendor was contacted early about this disclosure. Affected products include: Netgear Dgnd3700 Firmware.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

CVE-2025-4980 vulnerability details – vuln.today

Back

Dgnd3700 Firmware CVE-2025-4980

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

Dgnd3700 Firmware CVE-2025-4980

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code