Known Vulnerabilities for Mercury X18g Firmware by Mercusys
Listed below are 4 of the newest known vulnerabilities associated with "Mercury X18g Firmware" by "Mercusys".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-25811 json | MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via a crafted value to the POST listen_http_lan parameter. Upon s... | 7.5 - HIGH | 2021-04-29 | 2021-05-08 |
| CVE-2021-25810 json | Cross site Scripting (XSS) vulnerability in MERCUSYS Mercury X18G 1.0.5 devices, via crafted values to the 'src_dport_start',... | 6.1 - MEDIUM | 2021-04-29 | 2021-05-05 |
| CVE-2021-23242 json | MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ to the UPnP server, as demonstrated by the /../../conf/... | 5.3 - MEDIUM | 2021-01-07 | 2021-01-12 |
| CVE-2021-23241 json | MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for a... | 5.3 - MEDIUM | 2021-01-07 | 2021-01-12 |