CVE-2021-27825
HIGHMercury MAC1200R Firmware - Unauthenticated Path Traversal via web-static/ URL
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-27825. PoCs published by Chunlei Shang_ Jiangsu Public Information Co._ Ltd..
AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in MAC 1200R devices. It provides instructions for exploiting the vulnerability but does not include actual exploit code.
Description
A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL.
Exploits (1)
exploitdb
WRITEUP
by Chunlei Shang_ Jiangsu Public Information Co._ Ltd. · textwebappshardware
https://www.exploit-db.com/exploits/51315
This is a writeup describing a directory traversal vulnerability in MAC 1200R devices. It provides instructions for exploiting the vulnerability but does not include actual exploit code.
Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target:
Mercury MAC 1200R, all versions
No auth needed
Prerequisites:
Access to the target device's web interface on port 8888
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry
http://packetstormsecurity.com/files/171771/MAC-1200R-Directory-Traversal.html
Scores
CVSS v3
7.5
EPSS
0.0780
EPSS Percentile
93.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (1)
mercurycom/mac1200r_firmware
Published
May 29, 2023
Tracked Since
Feb 18, 2026