CVE-2025-63206 | THREATINT

Description

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface, firmware versions 1.01.18 and 1.02.00, allowing attackers to gain escalated privileges via storing crafted cookies in the web browser.

PUBLISHED Reserved 2025-10-27 | Published 2025-11-19 | Updated 2025-11-20 | Assigner mitre

References

github.com/...3206_Dasan Switch DS2924 Authentication Bypass exploit

dasansmc.com/

github.com/...3206_Dasan Switch DS2924 Authentication Bypass

cve.org (CVE-2025-63206)

nvd.nist.gov (CVE-2025-63206)

Download JSON