Design/Logic Flaw

2014-09-2922:55:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

77.2%

JSON

Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.

CPENameOperatorVersion
ea6500_firmwareeq1.1.28.147876

CPE	Name	Operator	Version
	ea6500_firmware	eq	1.1.28.147876

References

securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php

securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf