PT-2021-16800 · Mercusys · Mercusys Mercury X18G

Published

2021-04-29

Updated

2021-05-05

CVE-2021-25810

CVSS v3.1

6.1

Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions MERCUSYS Mercury X18G version 1.0.5

Description A Cross Site Scripting (XSS) issue exists, allowing exploitation through crafted values to the src dport start, src dport end, and dest port parameters.

Recommendations For MERCUSYS Mercury X18G version 1.0.5, avoid using the src dport start, src dport end, and dest port parameters until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2021-25810

Affected Products

Mercusys Mercury X18G

PT-2021-16800 · Mercusys · Mercusys Mercury X18G

CVE-2021-25810

Weakness Enumeration

Related Identifiers

Affected Products

References · 5