How severe is CVE-2023-37325?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2023-37325?

This is classified as CWE-306, which is a common weakness in software security.

CVE-2023-37325 - MEDIUM Severity | CVSS 5.4

Vulnerability Description

D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability. This vulnerability allows network-adjacent attackers to make unauthorized changes to device configuration on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the DDP service. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to manipulate wireless authentication settings. . Was ZDI-CAN-20104.

Related Vulnerabilities

CVE-2020-13289

MEDIUM

CVSS:5.4(Medium)

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated.

CWE-3062020

CVE-2021-20107

MEDIUM

CVSS:5.4(Medium)

There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kine...

CWE-3062021

CVE-2021-31868

MEDIUM

CVSS:5.4(Medium)

Rapid7 Nexpose version 6.6.95 and earlier allows authenticated users of the Security Console to view and edit any ticket in the legacy ticketing feature, regardless of the assignment of the ticket. Th...

CWE-3062021

CVE-2022-26394

MEDIUM

CVSS:5.4(Medium)

The Baxter Spectrum WBM does not perform mutual authentication with the gateway server host. This may allow an attacker to perform a man in the middle attack that modifies parameters making the networ...

CWE-3062022

CVE-2025-24271

MEDIUM

CVSS:5.4(Medium)

An access issue was addressed with improved access restrictions. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18....

CWE-3062025

CVE-2025-48742

MEDIUM

CVSS:5.4(Medium)

The installer in SIGB PMB before and fixed in v.8.0.1.2 allows remote code execution.

CWE-3062025