CVE-2025-50401
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-16

Last updated on: 2025-12-22

Assigner: MITRE

Description
Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter password.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-16
Last Modified
2025-12-22
Generated
2026-06-16
AI Q&A
2025-12-16
EPSS Evaluated
2026-06-14
NVD
CVE-2025-50401
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
mercurycom d196g_firmware *
mercurycom d196g *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-120 The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a buffer overflow in the Mercury D196G device, specifically in the function sub_404CAEDC, which can be triggered via the password parameter. A buffer overflow occurs when more data is written to a buffer than it can hold, potentially allowing an attacker to execute arbitrary code or cause a crash. [1]

Detection Guidance

Detection can involve checking for the vulnerable Mercury D196G device firmware version and monitoring for abnormal behavior related to the password parameter handling. Specific commands or scripts for detection are not detailed in the provided resources. [1]

Mitigation Strategies

Immediate mitigation steps are not explicitly provided in the resources. Generally, mitigation would include updating the device firmware to a non-vulnerable version if available, restricting access to the device, and monitoring for exploitation attempts. [1]

Impact Analysis

The buffer overflow vulnerability can allow an attacker to execute arbitrary code on the affected device, potentially leading to unauthorized access, device malfunction, or denial of service. This can compromise the security and availability of the device and any network it is connected to. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-50401. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart