cbcvebase.
CVE-2019-25226
published 2025-11-26

CVE-2019-25226: Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/sys_system_config…

PriorityP260high8.7CVSS 4.0
AVNACLATNPRNUINVCHVINVANSCNSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.48%
37.8th percentile
Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/sys_system_config management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration may include administrative credentials and other sensitive settings, enabling an unauthenticated attacker to obtain information that can facilitate further compromise of the device or network.

Affected

1 ranges
VendorProductVersion rangeFixed in
dongyoung_media_tech_co_ltddm-ap240t_w_wireless_access_point
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.