Skip to main content
CVE-2021-23242 MEDIUM POC This Month

MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ to the UPnP server, as demonstrated by the /../../conf/template/uhttpd.json URI. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Mercury X18G Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
1.8%
CVE-2021-23241 MEDIUM POC THREAT This Month

MERCUSYS Mercury X18G 1.0.5 devices allow Directory Traversal via ../ in conjunction with a loginLess or login.htm URI (for authentication bypass) to the web server, as demonstrated by the. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Authentication Bypass Mercury X18G Firmware
NVD GitHub
CVSS 3.1
5.3
EPSS
13.4%
CVE-2021-3011 MEDIUM POC This Month

An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. Rated medium severity (CVSS 4.2), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.

Google Information Disclosure K13 K21 K40 +42
NVD
CVSS 3.1
4.2
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy