CNNVD-202507-2555 Information

CNNVD ID

CNNVD-202507-2555

Related CVE

CVE-2025-7881

• CNNVD Published: 2025-07-20

Description (Chinese)

Mercusys MW301R是中国Mercusys公司的一款路由器。 Mercusys MW301R 1.0.2 Build 190726 Rel.59423n版本存在授权问题漏洞，该漏洞源于对Web Interface组件中参数code的错误操作导致弱密码恢复。

Description (English)

Mercusys MW301R is a router for Mercusys in China. Mercusys MW301R 1.0.2 Build 190726 Rel.59423n has a mandate loophole, which stems from an error in the code of the parameter in the Web Interface component, resulting in the restoration of the weak password.

Hazard Level

Critical

Vulnerability Type

授权问题

Affected Vendor

Mercusys

Published

2025-07-20

Last Modified

2026-02-24

References

https://vuldb.com/?submit.611328 https://github.com/RaulPazemecxas/PoCVulDb/blob/main/README20.md https://vuldb.com/?ctiid.316996 https://vuldb.com/?id.316996 https://access.redhat.com/security/cve/cve-2025-7881