CVE-2014-2719

Sažetak

Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.

Reference

http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
http://seclists.org/fulldisclosure/2014/Apr/225
http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
https://support.t-mobile.com/docs/DOC-21994

CVSS

Base:	6.3
Impact:	6.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:M/Au:S/C:C/I:N/A:N

Zadnje važnije ažuriranje

30-06-2016 - 15:59

Objavljeno

22-04-2014 - 13:06