CVE-2025-53757 HIGH

CVE-2025-53757: Insecure Cookie Flags Vulnerability in Digisol DG-GR6821AC Router

Vendor Digisol
Product XPON ONU Wi-Fi Router (DG-GR6821AC)
Weakness CWE-614 · Cookie without Secure flag
Published July 16, 2025
Last update July 16, 2025

CVSS base score

8.7/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

This vulnerability exists in Digisol DG-GR6821AC Router due to misconfiguration of both Secure and HttpOnly flags on session cookies associated with the router web interface. A remote attacker could exploit this vulnerability by capturing the session cookies transmitted over an unsecure HTTP connection. Successful exploitation of this vulnerability could allow the attacker to obtain sensitive information from the targeted device.

Key dates

02Disclosure timeline

July 16, 2025 CVE published
July 16, 2025 Record updated