CVE-2025-65289
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-12

Assigner: MITRE

Description
A stored Cross site scripting (XSS) vulnerability in the Mercury MR816v2 (081C3114 4.8.7 Build 110427 Rel 36550n) router allows a remote attacker on the LAN to inject JavaScript into the router's management UI by submitting a malicious hostname. The injected script is stored and later executed in the context of an administrator's browser (for example after DHCP release/renew triggers the interface to display the stored hostname). Because the management interface uses weak/basic authentication and does not properly protect or isolate session material, the XSS can be used to exfiltrate the admin session and perform administrative actions.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-12
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65289
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
mercurycom mr816_firmware 081c3114_4.8.7
mercurycom mr816 2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is a stored Cross Site Scripting (XSS) issue in the Mercury MR816v2 router's management interface. A remote attacker on the local network can inject malicious JavaScript by submitting a crafted hostname. This script is stored and later executed in the administrator's browser when the interface displays the hostname, such as after a DHCP release or renew. The router's weak authentication and poor session protection allow the attacker to steal the admin session and perform administrative actions.

Impact Analysis

The vulnerability can allow an attacker on the LAN to hijack the administrator's session, execute arbitrary administrative commands on the router, and potentially take full control of the device. This can lead to unauthorized configuration changes, network disruption, and exposure of sensitive network information.

Mitigation Strategies

To mitigate this vulnerability, immediately restrict LAN access to the Mercury MR816v2 router's management interface, ensure that only trusted administrators can access it, and avoid submitting untrusted hostnames to the router. Additionally, consider updating or patching the router firmware if an update is available from the vendor that addresses this XSS vulnerability. Use stronger authentication methods to protect the management interface and isolate session materials to prevent session exfiltration.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65289. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart