CVE-2025-10392

The CVE-2025-10392 entry concerns Mercury KM08-708H GiGA WiFi Wave2 1.1.14. Affects the HTTP Header Handler component, where manipulating the Host argument causes a stack-based buffer overflow. The vulnerability is exploitable remotely, with exploit code publicly available. Documents indicate a C...

CVE-2025-10385

The CVE-2025-10385 entry concerns Mercury KM08-708H GiGA WiFi Wave2 (version 1.1). Affected code is the function sub_450B2C in /goform/mcr_setSysAdm; manipulating the ChgUserId argument causes a buffer overflow. The issue is exploitable remotely and has public PoC/exploits. Reported impact indica...

Mercury KM08-708H GiGA WiFi Wave2 安全漏洞

Mercury KM08-708H GiGA WiFi Wave2 is a wireless router from Mercury China. A security vulnerability exists in Mercury KM08-708H GiGA WiFi Wave2 version 1.1, which originates from an incorrect operation of the function sub450B2C in the parameter ChgUserId in the file /goform/mcrsetSysAdm, which...

TOTOLINK A950RG /lib/cste_modules/system.so file buffer overflow vulnerability

The TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A950RG suffers from a buffer overflow vulnerability that originates from the failure of the setNoticeCfg interface NoticeUrl parameter in /lib/cstemodules/system.so to correctly...

TOTOLINK A950RG Command Execution Vulnerability

The TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A950RG suffers from a command execution vulnerability that stems from improper handling of the deviceMac parameter in the setDeviceName interface in the /lib/cstemodules/global.so...