CVE-2025-3758: Exposure of Device Configuration without Authentication in WF2220
First published: Thu May 08 2025(Updated: )
WF2220 exposes endpoint /cgi-bin-igd/netcore_get.cgi that returns configuration of the device to unauthorized users. Returned configuration includes cleartext password. The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cvd@cert.pl
| Affected Software | Affected Version | How to fix |
|---|---|---|
| WF2220 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-3758?
CVE-2025-3758 is considered a high severity vulnerability due to the exposure of sensitive device configuration including cleartext passwords.
How do I fix CVE-2025-3758?
To fix CVE-2025-3758, it is recommended to restrict access to the /cgi-bin-igd/netcore_get.cgi endpoint and implement authentication for device configuration access.
What devices are affected by CVE-2025-3758?
CVE-2025-3758 specifically affects the WF WF2220 model.
What type of data is exposed in CVE-2025-3758?
CVE-2025-3758 exposes the device configuration data, including cleartext passwords, to unauthorized users.
Has the vendor responded to the CVE-2025-3758 disclosure?
The vendor of the WF2220 has not responded to the disclosure regarding CVE-2025-3758.
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/title
- agent/first-publish-date
- agent/weakness
- agent/type
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/author
- agent/source
- agent/last-modified-date
- agent/tags
- agent/severity
- agent/event
- vendor/wf
- canonical/wf2220