Skip to main content

Rt Ac66U Firmware CVE-2014-2719

MEDIUM
Information Exposure (CWE-200)
2014-04-22 cve@mitre.org
6.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.3 MEDIUM
AV:N/AC:M/Au:S/C:C/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:S/C:C/I:N/A:N
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
Apr 22, 2014 - 13:06 cve.org
MEDIUM 6.3

DescriptionCVE.org

Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.

AnalysisAI

Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator. Rated medium severity (CVSS 6.3), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code. Affected products include: Asus Rt-Ac66U Firmware, Asus Rt-Ac68U Firmware, Asus Rt-N10E Firmware, Asus Rt-N14U Firmware, Asus Rt-N16 Firmware. Version information: before 3.0.0.4.374.5517.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

Share

CVE-2014-2719 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy