CVE-2021-27825
published 2023-05-29

CVE-2021-27825: A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.

Priority: P260
Severity: high, 7.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EXPLOIT
EPSS: 7.80% (93.9th percentile)

Detection & IOCs (extracted from sources)

port: 8888
path: /web-static/
  • Monitor HTTP requests containing the path prefix '/web-static/' on port 8888, which is the traversal vector on Mercury MAC1200R devices.
  • Attackers use the search dork '"MAC1200R" && port="8888"' to discover exposed devices; look for inbound connections to port 8888 from scanning infrastructure.