High severityNVD Advisory· Published Nov 26, 2025· Updated Apr 15, 2026

CVE-2019-25226

Description

Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/sys_system_config management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. The exposed configuration may include administrative credentials and other sensitive settings, enabling an unauthenticated attacker to obtain information that can facilitate further compromise of the device or network.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

dongyoung.comnvd
cxsecurity.com/issue/WLB-2019100012nvd
packetstorm.news/files/id/154719/nvd
www.vulncheck.com/advisories/dongyoung-media-dm-ap240tw-unauthenticated-config-disclosurenvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000