CVE-2025-53757
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-07-16
Assigner: Indian Computer Emergency Response Team (CERT-In)
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| digisol | dg-gr6821ac_router | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-1004 | The product uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag. |
| CWE-614 | The Secure attribute for sensitive cookies in HTTPS sessions is not set. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Digisol DG-GR6821AC Router due to a misconfiguration of the Secure and HttpOnly flags on session cookies used by the router's web interface. Because these flags are not properly set, a remote attacker can capture session cookies transmitted over an unsecure HTTP connection, potentially allowing unauthorized access to sensitive information on the device.
How can this vulnerability impact me? :
If exploited, this vulnerability could allow an attacker to obtain sensitive information from the targeted router device by capturing session cookies. This could lead to unauthorized access to the router's web interface and potentially compromise the security and privacy of the network and connected devices.