CVE-2019-25226 in DM-AP240T
Summary
by MITRE • 11/27/2025
Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/sys_system_config management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration may include administrative credentials and other sensitive settings, enabling an unauthenticated attacker to obtain information that can facilitate further compromise of the device or network.
Analysis
by VulDB Data Team • 11/29/2025
The Dongyoung Media DM-AP240T/W wireless access point contains a critical security flaw that exposes administrative credentials and network configuration data through an unauthenticated interface. The vulnerability resides in the /cgi-bin/sys_system_config management endpoint, which serves as a gateway for retrieving system configuration archives. Any remote attacker can retrieve compressed configuration files containing administrative credentials, network settings, and other potentially compromising information without any authentication or authorization. The flaw violates fundamental security principles by giving unauthorized access to privileged system information through a publicly accessible management interface.
This configuration disclosure vulnerability operates at the application layer and is a classic example of insufficient authentication controls, classified under CWE-287. It lets an attacker bypass normal access controls and retrieve data that would normally require administrative privileges. The exposed configuration archive contains not only administrative credentials but also network parameters, device settings, and potentially other sensitive information that could be leveraged for further exploitation. The root cause is improper access control: the system does not verify the identity of users requesting the configuration endpoint, which results in unauthorized information disclosure.
The operational impact of this vulnerability extends beyond credential exposure to broader network compromise. An attacker who successfully exploits it gains comprehensive knowledge of the wireless access point's configuration, including network topology, security settings, and administrative access points. This information enables attack vectors such as privilege escalation, network mapping, and targeted attacks against other network components. The vulnerability remains exploitable until the affected devices are properly patched or the management interface is secured. The exposed administrative credentials in particular let attackers modify device configurations directly, potentially leading to complete device compromise and unauthorized network access.
Mitigation strategies for this vulnerability should focus on immediate remediation through firmware updates provided by Dongyoung Media. Organizations must ensure all affected DM-AP240T/W devices receive the latest security patches that implement proper authentication controls for the management endpoint. Network segmentation and access control measures should be implemented to limit exposure of management interfaces to trusted networks only. The principle of least privilege should be enforced by restricting access to management interfaces through firewalls, network access control lists, and secure remote access protocols. Additionally, regular security audits should verify that management interfaces are properly configured and that no unauthorized access points exist within the network infrastructure. This vulnerability aligns with attack patterns documented in the MITRE ATT&CK framework under credential access and privilege escalation techniques, emphasizing the need for comprehensive network security controls and continuous monitoring of management interface access.
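The monitoring of management interface access recommended above can be sketched as follows. This is an added example, not code from VulDB, MITRE or the vendor: it flags requests to /cgi-bin/sys_system_config that come from outside a trusted management subnet. The subnet, the Combined Log Format source (a proxy or HTTP sensor in front of the device) and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import unquote

ENDPOINT = "/cgi-bin/sys_system_config"  # endpoint named in the advisory
# Assumption: only this subnet may reach the AP management interface.
MGMT_NETS = [ipaddress.ip_network("10.20.0.0/24")]
# Assumption: Combined Log Format written by a proxy or HTTP sensor in front of the AP.
LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
# Constructed sample log lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '10.20.0.15 - admin [27/Nov/2025:09:12:01 +0000] "GET /cgi-bin/sys_system_config HTTP/1.1" 200 4312',
    '203.0.113.50 - - [27/Nov/2025:09:14:37 +0000] "GET /cgi-bin/sys_system_config HTTP/1.1" 200 4312',
    '198.51.100.7 - - [27/Nov/2025:09:15:02 +0000] "GET /cgi-bin/sys_system_config HTTP/1.1" 401 0',
    '203.0.113.50 - - [27/Nov/2025:09:16:10 +0000] "GET /index.html HTTP/1.1" 200 1020',
]

def normalize_path(target):
    """Drop the query string, decode percent-escapes, collapse repeated slashes."""
    path = unquote(target.split("?", 1)[0])
    return re.sub(r"/{2,}", "/", path)

def find_exposure(lines, mgmt_nets=MGMT_NETS):
    """Return one finding per request to ENDPOINT from outside mgmt_nets."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or normalize_path(m["target"]) != ENDPOINT:
            continue
        try:
            src = ipaddress.ip_address(m["src"])
        except ValueError:
            continue  # source logged as a hostname; not handled here
        if any(src in net for net in mgmt_nets):
            continue
        size = 0 if m["size"] == "-" else int(m["size"])
        # A 200 with a non-empty body means the archive was most likely served.
        served = m["status"] == "200" and size > 0
        findings.append({"src": str(src), "time": m["ts"], "status": int(m["status"]),
                         "bytes": size, "severity": "high" if served else "info"})
    return findings

if __name__ == "__main__":
    for finding in find_exposure(SAMPLE_LOG):
        print(finding)
```

A "high" finding means the configuration archive was probably delivered to an untrusted source, so the credentials it holds should be treated as exposed and rotated.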