← back
CVE-2021-25811

CVE-2021-25811

EPSS 1.6%
MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via a crafted value to the POST listen_http_lan parameter. Upon subsequent device restarts after this vulnerability is exploted the device will not be able to access the webserver unless the listen_http_lan parameter to uhttpd.json is manually fixed.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/pokerfacett/MY_REQUEST/blob/master/Mercury%20Router%20X18g%20v1.0.5%20Denial%20of%20Service.mdhttps://www.mercurycom.com.cn/product-521-1.htmlhttps://www.mercusys.com/en/