Vulnerability Database

315,363

Total vulnerabilities in the database

CVE-2025-63206

An authentication bypass issue was discovered in Dasan Switch DS2924 web based interface, firmware versions 1.01.18 and 1.02.00, allowing attackers to gain escalated privileges via storing crafted cookies in the web browser.

  • Published: Nov 19, 2025
  • Updated: Jan 1, 2026
  • CVE: CVE-2025-63206
  • Severity: Critical
  • Exploit:

CVSS v3:

  • Severity: Critical
  • Score: 9.8
  • AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWEs:

Software From Fixed in
dasannetworks / ds2924_firmware 1.01.18 1.01.18.x
dasannetworks / ds2924_firmware 1.02.00 1.02.00.x