Lucene search
K

35 matches found

RedhatCVE
RedhatCVE
added 2025/10/23 12:17 a.m.7 views

CVE-2025-62771

Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...

7.5CVSS7.1AI score0.00137EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/23 12:17 a.m.10 views

CVE-2025-62773

Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...

2.4CVSS6.9AI score0.00158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/23 12:17 a.m.10 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1CVSS7.2AI score0.00178EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/23 12:17 a.m.10 views

CVE-2025-62772

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...

3.1CVSS6.9AI score0.00145EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/23 12:17 a.m.10 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS7AI score0.00255EPSS
Exploits0References1
NVD
NVD
added 2025/10/22 4:16 a.m.5 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS0.00255EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 4:16 a.m.8 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1CVSS0.00178EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 4:16 a.m.2 views

CVE-2025-62773

Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...

2.4CVSS0.00158EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 4:16 a.m.11 views

CVE-2025-62772

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...

3.1CVSS0.00145EPSS
Exploits0References2
NVD
NVD
added 2025/10/22 4:16 a.m.7 views

CVE-2025-62771

Mercku M6a devices through 2.1.0 allow password changes via intranet CSRF attacks...

7.5CVSS0.00137EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/10/22 12:0 a.m.2 views

Mercku M6a 跨站请求伪造漏洞

Mercku M6a is a WiFi router from Mercku USA. A cross-site request forgery vulnerability exists in Mercku M6a version 2.1.0 and earlier, which originates from allowing a cross-site request forgery attack to change passwords via the internal network...

7.5CVSS6.8AI score0.00137EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/22 12:0 a.m.2 views

EUVD-2025-35313

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1CVSS6.6AI score0.00178EPSS
Exploits0References3
CVE
CVE
added 2025/10/22 12:0 a.m.9 views

CVE-2025-62773

CVE-2025-62773 affects Mercku M6a firmware up to 2.1.0. The issue arises when an administrator can enable TELNET sessions through a router.telnet.enabled.update request, enabling TELNET access on the device. Affected component is the device’s TELNET capability; root cause is a misconfiguration/au...

2.4CVSS6.5AI score0.00158EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/22 12:0 a.m.3 views

CVE-2025-62774

On Mercku M6a devices through 2.1.0, the authentication system uses predictable session tokens based on timestamps...

3.1CVSS6.8AI score0.00178EPSS
Exploits0References2
CVE
CVE
added 2025/10/22 12:0 a.m.9 views

CVE-2025-62775

CVE-2025-62775 affects Mercku M6a devices up to firmware version 2.1.0, where the web admin password can be used to gain root TELNET access. The connected documents consistently describe root access via TELNET enabled by the web admin password, indicating a high-severity impact (per CVSS 3.1 vect...

8CVSS6.7AI score0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/22 12:0 a.m.8 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS0.00255EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/22 12:0 a.m.1 views

CVE-2025-62775

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS6.7AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/22 12:0 a.m.4 views

EUVD-2025-35312

Mercku M6a devices through 2.1.0 allow root TELNET logins via the web admin password...

8CVSS6.5AI score0.00255EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/22 12:0 a.m.8 views

CVE-2025-62772

On Mercku M6a devices through 2.1.0, session tokens remain valid for at least months in some cases...

3.1CVSS0.00145EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/22 12:0 a.m.8 views

CVE-2025-62773

Mercku M6a devices through 2.1.0 allow TELNET sessions via a router.telnet.enabled.update request by an administrator...

2.4CVSS0.00158EPSS
Exploits0References2
Rows per page
Query Builder