Dasan DS2924 Switch CVE-2025-63206 Authentication Bypass via Cookie Manipulation

Key Information Summary CVE ID: CVE-2025-63206 Vulnerability Name: Dasan Switch DS2924 Authentication Bypass Vulnerability Description Dasan Switch DS2924 (firmware versions 1.01.18 and 1.02.00) is affected by an authentication bypass vulnerability due to insecure cookie management in the endpoint and other paths. Attackers can manipulate the and cookies to gain unauthorized access to the device's web management interface, potentially compromising the network device. Affected Products/Codebases Product: Dasan Switch DS2924 Affected Firmware/Software Versions: - Model Name: DS2924 - Firmware Versions: 1.01.18 & 1.02.00 Vulnerable Endpoints Attack Type Type: Authentication Bypass Classification: Improper Authentication Implementation Impact Severity: High Description: - Due to flawed session management, DS2924 devices (firmware versions 1.01.18 and 1.02.00) are vulnerable to authentication bypass attacks. - By manipulating cookies, attackers can completely bypass the login process and gain unauthorized access to the device’s web management interface. - This vulnerability allows attackers to take control of the network switch, modify configurations, or perform other malicious actions on the network. Affected Components Authentication Mechanism (weak cookie-based authentication) Attack Vector Access Method: Manipulating cookies or running scripts in the browser to set cookies Authentication Required: None (attackers bypass authentication via cookies) Exploit Complexity: Low Proof of Concept (PoC) Exploit: Bypass authentication via cookie manipulation Reproduction Steps: 1. Open a web browser. 2. Navigate to the device’s login page (replace with the device’s IP address): 3. In the browser’s developer console, execute the following JavaScript to bypass authentication: 4. Refresh the page or directly access the management interface: 5. The attacker will gain administrator-level access to the device without logging in. Vulnerability Type Information Vulnerability Type: Authentication Bypass (cookie-based) CWE-ID: - CWE-306 - Missing Authentication for Critical Function - CWE-287 - Improper Authentication Definition: Attackers can bypass authentication by setting the and cookies to and , respectively, without requiring any valid credentials. Impact Information Impact Type: - Unauthorized Access: Attackers gain access to device management functions. - Privilege Escalation: Attackers obtain administrator-level access without proper authentication. - Potential Malicious Activities: Attackers can reconfigure the device or perform actions that may disrupt network operations. Discoverer Mohamed Shahat Recommended Remediation Implement Secure Session Management - Ensure the device validates authentication on every request, not just relying on cookies. - Implement secure session tokens and access control mechanisms that are not easily manipulated via cookies. Enforce Strong Authentication for Critical Endpoints - All management and configuration endpoints, such as , should require proper authentication via username/password. Encrypt Cookies - Cookies should be securely encrypted and should not contain sensitive session information such as or . Mitigation and Workarounds Until a patch is released, administrators should: Restrict access to the management interface via IP filtering or by using a VPN. Disable remote access or limit it to trusted devices. Monitor for unauthorized sessions or unusual access patterns.

Goal Reached Thanks to every supporter — we hit 100%!

Dasan DS2924 Switch CVE-2025-63206 Authentication Bypass via Cookie Manipulation

More from this source