CNNVD-202510-3177 Information

CNNVD ID

CNNVD-202510-3177

Related CVE

CVE-2025-62774

• CNNVD Published: 2025-10-22

Description (Chinese)

Mercku M6a是美国Mercku公司的一款WiFi路由器。 Mercku M6a 2.1.0及之前版本存在安全特征问题漏洞，该漏洞源于认证系统使用基于时间戳的可预测会话令牌，可能导致身份验证绕过。

Description (English)

Mercku M6a is a WiFi router of Mercku, United States. Mercku M6a 2.1.0 and previous versions had a security feature loophole, which stemmed from the use of a time stamp-based, predictable message token by the authentication system, which could lead to the identification being bypassed.

Hazard Level

High

Vulnerability Type

安全特征问题

Affected Vendor

Mercku

Published

2025-10-22

Last Modified

2026-02-24

References

https://blog.nullvoid.me/posts/mercku-exploits/ https://seclists.org/fulldisclosure/2025/Oct/10 https://access.redhat.com/security/cve/cve-2025-62774

Patch

https://www.mercku.com/downloads/