7.5
CVE-2014-8244
- EPSS 13.94%
- Veröffentlicht 01.11.2014 10:55:02
- Zuletzt bearbeitet 12.04.2025 10:46:40
- Quelle cret@cert.org
- Teams Watchlist Login
- Unerledigt Login
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Linksys ≫ Ea3500 Firmware Version <= 2.0.14294
Linksys ≫ Ea6700 Firmware Update153731 Version <= 1.1.40
Linksys ≫ Ea6500 Firmware Update153731 Version <= 1.1.40
Linksys ≫ Ea4500 Firmware Version <= 2.0.14212.1
Linksys ≫ Ea6900 Firmware Update158863 Version <= 1.1.42
Linksys ≫ Ea2700 Firmware Version <= 2.0.14294
Linksys ≫ Ea6400 Firmware Update153731 Version <= 1.1.40
Linksys ≫ Ea6200 Firmware Update153743 Version <= 1.1.41
Linksys ≫ Ea6300 Firmware Update153731 Version <= 1.1.40
Linksys ≫ E4200v2 Firmware Version <= 2.0.14212.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 13.94% | 0.94 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.