CVE-2021-27825
published 2023-05-29CVE-2021-27825: A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.
PriorityP260high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
7.80%
93.9th percentile
A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests containing the path prefix '/web-static/' on port 8888, which is the traversal vector on Mercury MAC1200R devices. ↗
- →Attackers use the search dork '"MAC1200R" && port="8888"' to discover exposed devices; look for inbound connections to port 8888 from scanning infrastructure. ↗
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
2023-05-29
Published