CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

RedhatCVE•added 2025/10/23 12:17 a.m.•4 views

CVE-2025-62772

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...

3.1CVSS6.9AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 12:17 a.m.•5 views

CVE-2025-62771

Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...

7.5CVSS7.1AI score0.00009EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 12:17 a.m.•6 views

CVE-2025-62773

Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...

2.4CVSS6.9AI score0.00016EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 12:17 a.m.•6 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1CVSS7.2AI score0.00015EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 12:17 a.m.•5 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS7AI score0.00027EPSS

Exploits0References1

NVD•added 2025/10/22 4:16 a.m.•2 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS0.00027EPSS

Exploits0References2

NVD•added 2025/10/22 4:16 a.m.•3 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1CVSS0.00015EPSS

Exploits0References2

NVD•added 2025/10/22 4:16 a.m.•1 views

CVE-2025-62773

Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...

2.4CVSS0.00016EPSS

Exploits0References2

NVD•added 2025/10/22 4:16 a.m.•9 views

CVE-2025-62772

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...

3.1CVSS0.00015EPSS

Exploits0References2

NVD•added 2025/10/22 4:16 a.m.•5 views

CVE-2025-62771

Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...

7.5CVSS0.00009EPSS

Exploits0References2

Vulnrichment•added 2025/10/22 12:0 a.m.•4 views

CVE-2025-62772

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...

3.1CVSS6.5AI score0.00015EPSS

Exploits0References2

Vulnrichment•added 2025/10/22 12:0 a.m.•1 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS6.7AI score0.00027EPSS

Exploits0References2

CVE•added 2025/10/22 12:0 a.m.•10 views

CVE-2025-62772

This CVE concerns Mercku M6a devices (through version 2.1.0). The issue is that session tokens may remain valid for months, enabling potential unauthorized access as described across multiple feeds. The available documents confirm the affected product and version range, but do not provide a detai...

3.1CVSS6.5AI score0.00015EPSS

Exploits0References2