CVE 8.7 HIGH

Mercury KM08-708H GiGA WiFi Wave2 mcr_setSysAdm sub_450B2C buffer overflow_CVE-2025-10385

September 13, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Description

A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub_450B2C of the file /goform/mcr_setSysAdm. The manipulation of the argument ChgUserId leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

AI Analysis

A buffer overflow vulnerability in the sub_450B2C function of /goform/mcr_setSysAdm in Mercury KM08-708H GiGA WiFi Wave2 1.1 allows remote attackers to execute arbitrary code via the ChgUserId argument.

Basic Information

ID CVE-2025-10385

Source VulDB

Published Sep 14, 2025 at 01:02

Affected Product

Vendor Mercury

Product KM08-708H GiGA WiFi Wave2

Version 1.1

Affected Versions Mercury KM08-708H GiGA WiFi Wave2 1.1

CWE Classification

CWE-120 CWE-119

AI Assessment

AI Score 8.7 / 10

AI Severity HIGH

Vendor Mercury

Product KM08-708H GiGA WiFi Wave2

Version 1.1

References

{
    "lastseen": "",
    "description": "A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub_450B2C of the file /goform/mcr_setSysAdm. The manipulation of the argument ChgUserId leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-09-14T01:02:05.536Z",
    "modified": "2025-09-14T01:02:05.536Z",
    "type": "cve",
    "title": "Mercury KM08-708H GiGA WiFi Wave2 mcr_setSysAdm sub_450B2C buffer overflow",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.323820\nhttps://vuldb.com/?ctiid.323820\nhttps://vuldb.com/?submit.643902\nhttps://github.com/Jjx-wy/kt/blob/main/KT%20KM08-708H.md",
    "id": "CVE-2025-10385",
    "bulletinFamily": "",
    "cwe": [
        "CWE-120",
        "CWE-119"
    ],
    "cvelist": null,
    "sourceData": "Mercury KM08-708H GiGA WiFi Wave2 1.1",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "KM08-708H GiGA WiFi Wave2",
    "version": "1.1",
    "vendor": "Mercury",
    "ai_description": "A buffer overflow vulnerability in the sub_450B2C function of /goform/mcr_setSysAdm in Mercury KM08-708H GiGA WiFi Wave2 1.1 allows remote attackers to execute arbitrary code via the ChgUserId argument.",
    "ai_severity": "HIGH",
    "ai_vendor": "Mercury",
    "ai_product": "KM08-708H GiGA WiFi Wave2",
    "ai_version": "1.1",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply