Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A stored Cross site scripting (XSS) vulnerability in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) router allows a remote attacker on the LAN to inject JavaScript into the router's management UI by submitting a malicious hostname. The injected script is stored and later executed in the context of an administrator's browser (for example after DHCP release/renew triggers the interface to display the stored hostname). Because the management interface uses weak/basic authentication and does not properly protect or isolate session material, the XSS can be used to exfiltrate the admin session and perform administrative actions.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Mercury MR816v2 安全漏洞
Vulnerability Description
Mercury MR816v2是中国水星(Mercury)公司的一款门禁控制设备。 Mercury MR816v2 081C3114 4.8.7 Build 110427 Rel 36550n版本存在安全漏洞,该漏洞源于存储型跨站脚本,可能导致管理员会话泄露和执行管理操作。
CVSS Information
N/A
Vulnerability Type
N/A