CNNVD-202509-1865 Information

Sep 14, 2025 cve

CNNVD ID

CNNVD-202509-1865

CVE-2025-10392

CNNVD Published: 2025-09-14

Description (Chinese)

Mercury KM08-708H GiGA WiFi Wave2是中国水星（Mercury）公司的一款无线路由器。 Mercury KM08-708H GiGA WiFi Wave2 1.1.14版本存在安全漏洞，该漏洞源于HTTP Header Handler组件对参数Host的操作存在栈缓冲区溢出，可能导致远程执行任意代码。

Description (English)

Mercury KM08-708H GiGA WiFi Wave2 is a wireless router of Mercury. Mercury KM08-708H GiGA WiFi Wave2 1.1.14 contains a security loophole resulting from the operation of HTTP Header Handler ’ s component in a swarm buffer zone over the parameter Host, which may result in the remote implementation of any code.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

水星

Published

2025-09-14

Last Modified

2026-02-24

References

https://vuldb.com/?id.323827 https://vuldb.com/?ctiid.323827 https://vuldb.com/?submit.644596 https://github.com/mohdkey/IOT-CVE/blob/main/KT_GIGA_WIFI-Wave%202%20has%20a%20stack%20overflow%20vulnerability.pdf https://access.redhat.com/security/cve/cve-2025-10392

Share on: