Authenticated Command Injection in AVTECH DGM1104 Security Products
CVE-2025-57200

6.5MEDIUM

Key Information:

Vendor: AVTECH SECURITY Corporation
Status: DGM1104
Vendor: CVE Published:; 3 December 2025

🔔 Create AVTECH SECURITY Corporation Vulnerability Alert

What is CVE-2025-57200?

The DGM1104 series by AVTECH SECURITY Corporation has been found to contain an authenticated command injection vulnerability within its test_mail function. This flaw enables attackers to exploit the system by sending specially crafted input, allowing them to execute arbitrary commands on the affected devices. Mitigating this risk is crucial for maintaining the integrity and security of the affected products.

References

http://avtech.com

http://dgm1104.com

https://github.com/xchg-rax-rax/vulnerability-research/tr...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 3, 2025
Vulnerability Reserved
Aug 17, 2025

JSON