CVE-2025-56463

CVSS v3.1

6.8

Medium

Vector

AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Mercusys MW305R versions 3.30 and below

Description The Mercusys MW305R router firmware contains a flaw that leads to a Transport Layer Security (TLS) certificate private key disclosure. This allows potential attackers to obtain the private key associated with the TLS certificate used by the router.

Recommendations Update the firmware to a version newer than 3.30.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2025-56463

Affected Products

Mercusys Mw305R

CVE-2025-56463

Weakness Enumeration

Related Identifiers

Affected Products

References · 8