35 matches found
CVE-2025-62771
Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...
CVE-2025-62772
On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...
CVE-2025-62773
Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...
CVE-2025-62774
On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...
CVE-2025-62775
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
CVE-2025-62774
On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...
CVE-2025-62775
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
CVE-2025-62773
Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...
CVE-2025-62772
On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...
CVE-2025-62771
Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...
CVE-2025-62772
On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...
CVE-2025-62775
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
CVE-2025-62772
This CVE concerns Mercku M6a devices (through version 2.1.0). The issue is that session tokens may remain valid for months, enabling potential unauthorized access as described across multiple feeds. The available documents confirm the affected product and version range, but do not provide a detai...
EUVD-2025-35312
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
EUVD-2025-35316
Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...
CVE-2025-62773
Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...
CVE-2025-62771
Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...
CVE-2025-62775
Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...
CVE-2025-62774
On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...
CVE-2025-62772
On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...