CVE-2014-2719

EPSS 0.31%
Published 22.04.2014 13:06:29
Last modified 12.04.2025 10:46:40
Source cve@mitre.org
Teams watchlist Login
Open Login

Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.

Affected products Warnungen 0 Metrics 2 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Asus ≫ Rt-ac66u Firmware Version3.0.0.4.140

Asus ≫ Rt-ac66u Firmware Version3.0.0.4.220

Asus ≫ Rt-ac66u Firmware Version3.0.0.4.246

Asus ≫ Rt-ac66u Firmware Version3.0.0.4.260

Asus ≫ Rt-ac66u Firmware Version3.0.0.4.270

Asus ≫ Rt-ac66u Firmware Version3.0.0.4.354

Asus ≫ Rt-ac68u Firmware Version3.0.0.4.374.4755

Asus ≫ Rt-ac68u Firmware Version3.0.0.4.374_4561

Asus ≫ Rt-ac68u Firmware Version3.0.0.4.374_4887

Asus ≫ Rt-n10e Firmware Version2.0.0.7

Asus ≫ Rt-n10e Firmware Version2.0.0.10

Asus ≫ Rt-n10e Firmware Version2.0.0.16

Asus ≫ Rt-n10e Firmware Version2.0.0.19

Asus ≫ Rt-n10e Firmware Version2.0.0.20

Asus ≫ Rt-n10e Firmware Version2.0.0.24

Asus ≫ Rt-n10e Firmware Version2.0.0.25

Asus ≫ Rt-n14u Firmware Version3.0.0.4.322

Asus ≫ Rt-n14u Firmware Version3.0.0.4.356

Asus ≫ Rt-n16 Firmware Version1.0.1.9

Asus ≫ Rt-n16 Firmware Version1.0.2.3

Asus ≫ Rt-n16 Firmware Version3.0.0.3.108

Asus ≫ Rt-n16 Firmware Version3.0.0.3.162

Asus ≫ Rt-n16 Firmware Version3.0.0.3.178

Asus ≫ Rt-n16 Firmware Version3.0.0.4.220

Asus ≫ Rt-n16 Firmware Version3.0.0.4.246

Asus ≫ Rt-n16 Firmware Version3.0.0.4.260

Asus ≫ Rt-n16 Firmware Version3.0.0.4.354

Asus ≫ Rt-n16 Firmware Version7.0.2.38b

Asus ≫ Rt-n56u Firmware Version1.0.1.4

Asus ≫ Rt-n56u Firmware Version1.0.1.4o

Asus ≫ Rt-n56u Firmware Version1.0.1.7c

Asus ≫ Rt-n56u Firmware Version1.0.1.7f

Asus ≫ Rt-n56u Firmware Version1.0.1.8j

Asus ≫ Rt-n56u Firmware Version1.0.1.8l

Asus ≫ Rt-n56u Firmware Version1.0.1.8n

Asus ≫ Rt-n56u Firmware Version3.0.0.4.318

Asus ≫ Rt-n56u Firmware Version3.0.0.4.334

Asus ≫ Rt-n56u Firmware Version3.0.0.4.342

Asus ≫ Rt-n56u Firmware Version3.0.0.4.360

Asus ≫ Rt-n56u Firmware Version7.0.1.21

Asus ≫ Rt-n56u Firmware Version7.0.1.32

Asus ≫ Rt-n56u Firmware Version8.1.1.4

Asus ≫ Rt-n65u Firmware Version3.0.0.3.134

Asus ≫ Rt-n65u Firmware Version3.0.0.3.176

Asus ≫ Rt-n65u Firmware Version3.0.0.4.260

Asus ≫ Rt-n65u Firmware Version3.0.0.4.334

Asus ≫ Rt-n65u Firmware Version3.0.0.4.342

Asus ≫ Rt-n65u Firmware Version3.0.0.4.346

Asus ≫ Rt-n66u Firmware Version3.0.0.4.272

Asus ≫ Rt-n66u Firmware Version3.0.0.4.370

Asus ≫ Rt-ac68u Version-

T-mobile ≫ Tm-ac1900 Version3.0.0.4.376_3169

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.31%	0.51

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.3	6.8	6.9	AV:N/AC:M/Au:S/C:C/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

https://support.t-mobile.com/docs/DOC-21994

http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29

http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html

http://seclists.org/fulldisclosure/2014/Apr/225

https://nvd.nist.gov/vuln/detail/CVE-2014-2719

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-2719

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-2719

EUVD