17 matches found
CVE-2022-26987
TP-Link TL-WDR7660 2.0.30, Mercury D196G 202001092.0.4, and Fast FAC1900R 201908272.0.2 routers have a stack overflow issue in MmtAtePrase function. Local users could get remote code execution...
EUVD-2025-202296
A stored Cross site scripting XSS vulnerability in the Mercury MR816v2 081C3114 4.8.7 Build 110427 Rel 36550n router allows a remote attacker on the LAN to inject JavaScript into the router's management UI by submitting a malicious hostname. The injected script is stored and later executed in the...
PT-2025-50102
Name of the Vulnerable Software and Affected Versions Mercury MR816v2 version 4.8.7 Build 110427 Rel 36550n Description A stored Cross Site Scripting XSS flaw exists in the Mercury MR816v2 router. A remote attacker on the Local Area Network LAN can inject JavaScript into the router’s management...
CVE-2025-65289
A stored Cross site scripting XSS vulnerability in the Mercury MR816v2 081C3114 4.8.7 Build 110427 Rel 36550n router allows a remote attacker on the LAN to inject JavaScript into the router's management UI by submitting a malicious hostname. The injected script is stored and later executed in the...
CVE-2025-65288
CVE-2025-65288 affects Mercury MR816v2. The reported issue is a buffer overflow in the device when accepting excessively long hostnames from LAN hosts, due to unchecked copies/concatenations into fixed-size buffers. Impact described as crash (DoS) with potential remote code execution. Affected pr...
CVE-2025-10385
A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub450B2C of the file /goform/mcrsetSysAdm. The manipulation of the argument ChgUserId leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been...
CVE-2025-10385 Mercury KM08-708H GiGA WiFi Wave2 mcr_setSysAdm sub_450B2C buffer overflow
A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub450B2C of the file /goform/mcrsetSysAdm. The manipulation of the argument ChgUserId leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been...
Mercury KM08-708H GiGA WiFi Wave2 安全漏洞
Mercury KM08-708H GiGA WiFi Wave2 is a wireless router from Mercury China. A security vulnerability exists in Mercury KM08-708H GiGA WiFi Wave2 version 1.1, which originates from an incorrect operation of the function sub450B2C in the parameter ChgUserId in the file /goform/mcrsetSysAdm, which...
CVE-2022-26988
TP-Link TL-WDR7660 2.0.30, Mercury D196G 202001092.0.4, and Fast FAC1900R 201908272.0.2 routers have a stack overflow issue in MntAte function. Local users could get remote code execution...
Mercury Router Command Injection (CVE-2020-22724)
A command injection vulnerability exists in Mercury Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-22724
A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...
CVE-2020-22724
A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...
Design/Logic Flaw
A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...
CVE-2020-22724
Mercury Router MER1200 v1.0.1 and MER1200G v1.0.1 expose a remote command execution via the PPTP_SERVER add_server_service component. Multiple sources (NVD/NVD-derived entries, CNNVD, PT Security) describe a command-injection flaw in add_server_service of PPTP_SERVER that allows arbitrary command...
CVE-2020-22724
A remote command execution vulnerability exists in addserverservice of PPTPSERVER in Mercury Router MER1200 v1.0.1 and Mercury Router MER1200G v1.0.1...
PT-2021-10783 · Mercury · Mercury Router Mer1200
Name of the Vulnerable Software and Affected Versions: Mercury Router MER1200 version 1.0.1 Mercury Router MER1200G version 1.0.1 Description: A remote command execution issue exists in the add server service of PPTP SERVER in the affected routers. Recommendations: For Mercury Router MER1200...
Denial of Service Vulnerability in MERCURY MR108GP-AC V2.0
MR108GP-AC is an enterprise router from Shenzhen Meike Star Communication Technology Co. A denial of service vulnerability exists in the MERCURY MR108GP-AC V2.0, which can be exploited by attackers to cause a denial of service attack...