CVE-2025-50398
Published: 16 December 2025
Description
Mercury D196G d196gv1-cn-up_2020-01-09_11.21.44 is vulnerable to Buffer Overflow in the function sub_404CAEDC via the parameter fac_password.
Mitigating Controls (NIST 800-53 r5)AI
SI-10 directly prevents buffer overflows by requiring validation of inputs like the fac_password parameter to ensure they do not exceed buffer boundaries.
SI-2 mandates identification and remediation of flaws such as the buffer overflow in sub_404CAEDC, eliminating the vulnerability through firmware patching.
SI-16 enforces memory protections that block unauthorized code execution resulting from buffer overflow exploitation in the vulnerable function.
Security SummaryAI
CVE-2025-50398 is a buffer overflow vulnerability (CWE-120) in the Mercury D196G router firmware version d196gv1-cn-up_2020-01-09_11.21.44. The flaw occurs in the function sub_404CAEDC when processing the fac_password parameter, enabling improper handling of input that exceeds buffer boundaries.
The vulnerability carries a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating it is exploitable over the network with low complexity by unauthenticated attackers requiring no user interaction. Exploitation could grant high-impact access to confidential data, modification of system integrity, and disruption of availability, such as through remote code execution or system crashes.
References point to GitHub repositories at https://github.com/sezangel/IOT-vul/tree/main/Mercury/D196G/2, which document the vulnerability, including potential proof-of-concept details. No vendor advisories or patches are specified in available information.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Buffer overflow vulnerability in the fac_password parameter of the Mercury D196G router's likely web management interface enables exploitation of a public-facing application for remote code execution.