Filtered by vendor Mercurycom Subscriptions
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-46518 1 Mercurycom 2 A15, A15 Firmware 2024-11-21 9.8 Critical
Mercury A15 V1.0 20230818_1.0.3 was discovered to contain a command execution vulnerability via the component cloudDeviceTokenSuccCB.
CVE-2022-31849 1 Mercurycom 2 Mipc451-4, Mipc451-4 Firmware 2024-11-21 8.8 High
MERCURY MIPC451-4 1.0.22 Build 220105 Rel.55642n was discovered to contain a remote code execution (RCE) vulnerability which is exploitable via a crafted POST request.
CVE-2021-27825 1 Mercurycom 2 Mac1200r, Mac1200r Firmware 2024-11-21 7.5 High
A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.
CVE-2012-4999 1 Mercurycom 2 Mr804, Mr804 Firmware 2024-11-21 N/A
Mercury MR804 Router 8.0 3.8.1 Build 101220 Rel.53006nB allows remote attackers to cause a denial of service (service hang) via a crafted string in HTTP header fields such as (1) If-Modified-Since, (2) If-None-Match, or (3) If-Unmodified-Since. NOTE: some of these details are obtained from third party information.
CVE-2024-44167 2 Apple, Mercurycom 3 Ios And Ipados, Visionos, Mac1200r Firmware 2024-09-20 8.1 High
This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.7, visionOS 2, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to overwrite arbitrary files.
CVE-2024-8655 1 Mercurycom 1 Mnvr816 Firmware 2024-09-12 5.3 Medium
A vulnerability was found in Mercury MNVR816 up to 2.0.1.0.5. It has been classified as problematic. This affects an unknown part of the file /web-static/. The manipulation leads to files or directories accessible. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.