CVE-2025-1104
Published: 07 February 2025
Description
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Security Summary
CVE-2025-1104 is a critical vulnerability affecting the D-Link DHP-W310AV router at version 1.04, specifically impacting unknown code within the device. It enables authentication bypass through spoofing, as classified under CWE-287 (Improper Authentication) and CWE-290 (Authentication Bypass by Spoofing). The issue carries a CVSS v3.1 base score of 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L), indicating high severity due to its network-accessible nature and lack of prerequisites.
Remote attackers require no privileges or user interaction to exploit this vulnerability over the network with low complexity. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, such as unauthorized access to restricted functions via spoofed authentication.
Advisories from VulDB (ctiid.294934, id.294934, submit.489958) and a GitHub repository (kn1g78/cve/blob/main/dlink.md) document the issue, with D-Link's official site (dlink.com) listed as a reference for further details. The exploit has been publicly disclosed and may be actively used.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
CVE-2025-1104 enables remote authentication bypass by spoofing in the D-Link DHP-W310AV network device, facilitating exploitation of a public-facing application for initial access.