CNNVD-202511-2838 Information

CNNVD ID

CNNVD-202511-2838

Related CVE

CVE-2019-25226

• CNNVD Published: 2025-11-26

Description (Chinese)

Dongyoung DM-AP240T/W是韩国Dongyoung公司的一款无线访问点设备。 Dongyoung DM-AP240T/W存在访问控制错误漏洞，该漏洞源于/cgi-bin/sys_system_config管理端点未经验证即可远程检索压缩配置存档，可能导致设备或网络进一步被破解。

Description (English)

Dongyoung DM-AP240T/W is a wireless access point for Dongyoung Korea. Dongyoung DM-AP240T/W has an access control error loophole, which originates from/cgi-bin/sys system config management endpoints that can be retrieved remotely for compression configuration archiving without authentication, which may lead to further breakdown of the device or network.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

Dongyoung

Published

2025-11-26

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/dongyoung-media-dm-ap240tw-unauthenticated-config-disclosure https://packetstorm.news/files/id/154719/ https://cxsecurity.com/issue/WLB-2019100012 http://dongyoung.com/ https://access.redhat.com/security/cve/cve-2019-25226