Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveCertccCVE-2014-8243
HistoryNov 01, 2014 - 10:55 a.m.

CVE-2014-8243

2014-11-0110:55:02
CWE-310
certcc
web.nvd.nist.gov
29
linksys
smart wifi
firmware
vulnerability
remote attackers
administrator
md5 password hash
security
cve-2014-8243

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.2

Confidence

Low

EPSS

0.004

Percentile

74.8%

JSON

Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator’s MD5 password hash via a direct request for the /.htpasswd URI.

Affected configurations

Nvd
Node
linksysea4500_firmwareRange2.0.14212.1
AND
linksysea4500Match-
Node
linksysea6500_firmwareRange1.1.40153731
AND
linksysea6500Match-
Node
linksysea6400_firmwareRange1.1.40153731
AND
linksysea6400Match-
Node
linksyse4200v2_firmwareRange2.0.14212.1
AND
linksyse4200v2Match-
Node
linksysea6300_firmwareRange1.1.40153731
AND
linksysea6300Match-
Node
linksysea6900_firmwareRange1.1.42158863
AND
linksysea6900Match-
Node
linksysea2700_firmwareRange2.0.14294
AND
linksysea2700Match-
Node
linksysea3500_firmwareRange2.0.14294
AND
linksysea3500Match-
Node
linksysea6200_firmwareRange1.1.41153743
AND
linksysea6200Match-
Node
linksysea6700_firmwareRange1.1.40153731
AND
linksysea6700Match-
VendorProductVersionCPE
linksysea4500_firmware*cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*
linksysea4500-cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*
linksysea6500_firmware*cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:*
linksysea6500-cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*
linksysea6400_firmware*cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:*
linksysea6400-cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:*
linksyse4200v2_firmware*cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:*
linksyse4200v2-cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:*
linksysea6300_firmware*cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:*
linksysea6300-cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:*
Rows per page:
1-10 of 201

Related

nvd 1
prion 1
cvelist 1
threatpost 1
cert 1
nvd
nvd
CVE-2014-8243
2014-11-01 10:55:02
prion
prion
Design/Logic Flaw
2014-11-01 10:55:00
cvelist
cvelist
CVE-2014-8243
2014-11-01 10:00:00
threatpost
threatpost
Linksys SMART Wi-Fi Firmware Patches Released
2014-11-04 10:53:38
cert
cert
Linksys SMART WiFi firmware contains multiple vulnerabilities
2014-10-31 00:00:00

CVSS2

3.3

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:A/AC:L/Au:N/C:P/I:N/A:N

AI Score

7.2

Confidence

Low

EPSS

0.004

Percentile

74.8%

JSON
Related for CVE-2014-8243
nvd1prion1cvelist1threatpost1cert1