Search criteria
21 vulnerabilities found for ea6500 by linksys
VAR-201409-0057
Vulnerability from variot - Updated: 2023-12-18 14:06Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section. Linksys EA6500 is a wireless router device.
Linksys EA6500 has a cross-site scripting vulnerability. Linksys EA6500 is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0057",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ea6500",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.1.28.147876"
},
{
"model": "ea6500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6500",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.28.147876"
},
{
"model": "linksys ea6500",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1.28.147876"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"db": "BID",
"id": "70291"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3065"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Thompson",
"sources": [
{
"db": "BID",
"id": "70291"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3065",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "Single",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.5,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "CVE-2013-3065",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "CNVD-2014-06826",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.8,
"id": "VHN-63067",
"impactScore": 2.9,
"integrityImpact": "PARTIAL",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:S/C:N/I:P/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3065",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2014-06826",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-1109",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-63067",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"db": "VULHUB",
"id": "VHN-63067"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section. Linksys EA6500 is a wireless router device. \n\nLinksys EA6500 has a cross-site scripting vulnerability. Linksys EA6500 is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input. \nSuccessful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"db": "BID",
"id": "70291"
},
{
"db": "VULHUB",
"id": "VHN-63067"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3065",
"trust": 3.4
},
{
"db": "BID",
"id": "70291",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1109",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-06826",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-63067",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"db": "VULHUB",
"id": "VHN-63067"
},
{
"db": "BID",
"id": "70291"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
]
},
"id": "VAR-201409-0057",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-63067"
}
],
"trust": 0.85
},
"last_update_date": "2023-12-18T14:06:07.663000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linksys Home Networking",
"trust": 0.8,
"url": "http://www.linksys.com/en-apac/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-79",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63067"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"db": "NVD",
"id": "CVE-2013-3065"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
},
{
"trust": 2.6,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/vulnerability_catalog.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3065"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3065"
},
{
"trust": 0.3,
"url": "http://home.cisco.com/en-us/home"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"db": "VULHUB",
"id": "VHN-63067"
},
{
"db": "BID",
"id": "70291"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"db": "VULHUB",
"id": "VHN-63067"
},
{
"db": "BID",
"id": "70291"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"date": "2014-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63067"
},
{
"date": "2014-09-29T00:00:00",
"db": "BID",
"id": "70291"
},
{
"date": "2014-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"date": "2014-09-29T22:55:08.190000",
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"date": "2014-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-06826"
},
{
"date": "2014-09-30T00:00:00",
"db": "VULHUB",
"id": "VHN-63067"
},
{
"date": "2014-09-29T00:00:00",
"db": "BID",
"id": "70291"
},
{
"date": "2014-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006647"
},
{
"date": "2014-09-30T18:25:04.943000",
"db": "NVD",
"id": "CVE-2013-3065"
},
{
"date": "2014-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys EA6500 Of firmware Parental Controls Section cross-site scripting vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006647"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "XSS",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-1109"
}
],
"trust": 0.6
}
}
VAR-201910-1351
Vulnerability from variot - Updated: 2023-12-18 14:04Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. Linksys EA6500 Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Belkin Linksys EA6500 is a wireless router from Belkin.
A path traversal vulnerability exists in Linksys EA6500 that is caused by a network system or product that fails to properly filter a particular element in a resource or file path that an attacker could use to access a location outside of a restricted directory
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201910-1351",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ea6500",
"scope": "eq",
"trust": 2.2,
"vendor": "linksys",
"version": null
},
{
"model": "ea6500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "linksys ea6500",
"scope": null,
"trust": 0.6,
"vendor": "belkin",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6500_firmware:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4658"
}
]
},
"cve": "CVE-2013-4658",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Complete",
"baseScore": 10.0,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-4658",
"impactScore": null,
"integrityImpact": "Complete",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CNVD-2019-39948",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2013-4658",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-4658",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNVD",
"id": "CNVD-2019-39948",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201910-1501",
"trust": 0.6,
"value": "CRITICAL"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be created to locations outside of the Samba share. Linksys EA6500 Contains a path traversal vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. The Belkin Linksys EA6500 is a wireless router from Belkin. \n\nA path traversal vulnerability exists in Linksys EA6500 that is caused by a network system or product that fails to properly filter a particular element in a resource or file path that an attacker could use to access a location outside of a restricted directory",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"db": "CNVD",
"id": "CNVD-2019-39948"
}
],
"trust": 2.16
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4658",
"trust": 3.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006862",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2019-39948",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1501",
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
]
},
"id": "VAR-201910-1351",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
}
],
"trust": 1.6
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
}
]
},
"last_update_date": "2023-12-18T14:04:59.025000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Top Page",
"trust": 0.8,
"url": "https://www.linksys.com/us/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-22",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"db": "NVD",
"id": "CVE-2013-4658"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.4,
"url": "https://www.ise.io/casestudies/exploiting-soho-routers/"
},
{
"trust": 2.4,
"url": "https://www.ise.io/soho_service_hacks/"
},
{
"trust": 2.2,
"url": "https://www.ise.io/wp-content/uploads/2017/06/soho_defcon21.pdf"
},
{
"trust": 2.0,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4658"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4658"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"date": "2019-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"date": "2019-10-25T17:15:10.570000",
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"date": "2019-10-25T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-11-11T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"date": "2019-11-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006862"
},
{
"date": "2019-10-29T16:15:53.493000",
"db": "NVD",
"id": "CVE-2013-4658"
},
{
"date": "2019-10-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Belkin Linksys EA6500 Path Traversal Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-39948"
},
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "path traversal",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201910-1501"
}
],
"trust": 0.6
}
}
VAR-201409-0058
Vulnerability from variot - Updated: 2023-12-18 13:53Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/. The Netgear WNDR4700 is a wireless router device. No detailed vulnerability details are currently available. NetGear WNDR4700 is prone to an unspecified information-disclosure vulnerability
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0058",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ea6500",
"scope": "eq",
"trust": 1.6,
"vendor": "linksys",
"version": "1.1.28.147876"
},
{
"model": "ea6500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6500",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.28.147876"
},
{
"model": "wndr4700",
"scope": null,
"trust": 0.6,
"vendor": "netgear",
"version": null
},
{
"model": "wndr4700",
"scope": "eq",
"trust": 0.3,
"vendor": "netgear",
"version": "0"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"db": "BID",
"id": "59305"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3066"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Holcomb",
"sources": [
{
"db": "BID",
"id": "59305"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
],
"trust": 0.9
},
"cve": "CVE-2013-3066",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 7.1,
"confidentialityImpact": "Complete",
"exploitabilityScore": null,
"id": "CVE-2013-3066",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2013-04042",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-63068",
"impactScore": 6.9,
"integrityImpact": "NONE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3066",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2013-04042",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201304-496",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-63068",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2013-3066",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"db": "VULHUB",
"id": "VHN-63068"
},
{
"db": "VULMON",
"id": "CVE-2013-3066"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/. The Netgear WNDR4700 is a wireless router device. No detailed vulnerability details are currently available. NetGear WNDR4700 is prone to an unspecified information-disclosure vulnerability",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"db": "BID",
"id": "59305"
},
{
"db": "VULHUB",
"id": "VHN-63068"
},
{
"db": "VULMON",
"id": "CVE-2013-3066"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3066",
"trust": 3.5
},
{
"db": "BID",
"id": "59305",
"trust": 1.7
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201304-496",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2013-04042",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-63068",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2013-3066",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"db": "VULHUB",
"id": "VHN-63068"
},
{
"db": "VULMON",
"id": "CVE-2013-3066"
},
{
"db": "BID",
"id": "59305"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
]
},
"id": "VAR-201409-0058",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"db": "VULHUB",
"id": "VHN-63068"
}
],
"trust": 1.3296296
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04042"
}
]
},
"last_update_date": "2023-12-18T13:53:21.579000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linksys Home Networking",
"trust": 0.8,
"url": "http://www.linksys.com/en-apac/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-63068"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"db": "NVD",
"id": "CVE-2013-3066"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
},
{
"trust": 1.8,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/vulnerability_catalog.pdf"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3066"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3066"
},
{
"trust": 0.7,
"url": "http://www.securityfocus.com/bid/59305"
},
{
"trust": 0.6,
"url": "http://news.cnet.com/8301-1009_3-57579981-83/top-wi-fi-routers-easy-to-hack-says-study/"
},
{
"trust": 0.6,
"url": "http://securityevaluators.com/content/case-studies/routers/soho_router_hacks.jsp"
},
{
"trust": 0.6,
"url": "http://securityevaluators.com/content/case-studies/routers/netgear_wndr4700.jsp"
},
{
"trust": 0.3,
"url": "http://www.netgear.com/wndr4700#"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/264.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"db": "VULHUB",
"id": "VHN-63068"
},
{
"db": "VULMON",
"id": "CVE-2013-3066"
},
{
"db": "BID",
"id": "59305"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"db": "VULHUB",
"id": "VHN-63068"
},
{
"db": "VULMON",
"id": "CVE-2013-3066"
},
{
"db": "BID",
"id": "59305"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"date": "2014-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63068"
},
{
"date": "2014-09-29T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3066"
},
{
"date": "2013-04-17T00:00:00",
"db": "BID",
"id": "59305"
},
{
"date": "2014-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"date": "2014-09-29T22:55:08.237000",
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"date": "2013-04-24T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-04-24T00:00:00",
"db": "CNVD",
"id": "CNVD-2013-04042"
},
{
"date": "2014-09-30T00:00:00",
"db": "VULHUB",
"id": "VHN-63068"
},
{
"date": "2014-09-30T00:00:00",
"db": "VULMON",
"id": "CVE-2013-3066"
},
{
"date": "2013-04-17T00:00:00",
"db": "BID",
"id": "59305"
},
{
"date": "2014-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006648"
},
{
"date": "2014-09-30T18:25:30.117000",
"db": "NVD",
"id": "CVE-2013-3066"
},
{
"date": "2014-10-08T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys EA6500 Vulnerability in which important information is obtained in the firmware of",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006648"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201304-496"
}
],
"trust": 0.6
}
}
VAR-201411-0433
Vulnerability from variot - Updated: 2023-12-18 13:24Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI. In addition, JVNVU#96488651 Then CWE-320 It is published as CWE-320: Key Management Errors https://cwe.mitre.org/data/definitions/320.htmlBy a third party /.htpasswd URI Via a direct request to MD5 A password hash may be obtained. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0433",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ea2700",
"scope": null,
"trust": 1.6,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea3500",
"scope": null,
"trust": 1.6,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea3500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea3500",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "ea6200",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.41"
},
{
"model": "ea6500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6900",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.42"
},
{
"model": "ea2700",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6900",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6400",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6700",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea4500",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6500",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea6400",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "e4200v2",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea4500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6700",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea2700",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "e4200v2",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6300",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea6200",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6300",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "linksys",
"version": null
},
{
"model": "e4200v2",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "e4200v2",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "2.1.41 (build 162351)"
},
{
"model": "ea4500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea4500",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "2.1.41 (build 162351)"
},
{
"model": "ea6200",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6200",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.41 (build 162599)"
},
{
"model": "ea6300",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6300",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6400",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6400",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6500",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6700",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6700",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6900",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6900",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.42 (build 161129)"
},
{
"model": "smart wifi build",
"scope": "lt",
"trust": 0.6,
"vendor": "cisco",
"version": "2.1.41162351"
},
{
"model": "ea2700",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "ea6900",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.42"
},
{
"model": "ea6700",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea6500",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "e4200v2",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6300",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea3500",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "ea6200",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.41"
},
{
"model": "ea4500",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6400",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.42",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea3500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6200_firmware:*:153743:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.41",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6700_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8243"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kyle Lovett",
"sources": [
{
"db": "BID",
"id": "70860"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8243",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "None",
"baseScore": 3.3,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-8243",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "CNVD-2014-07853",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 6.5,
"id": "VHN-76188",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.1,
"vectorString": "AV:A/AC:L/AU:N/C:P/I:N/A:N",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8243",
"trust": 1.8,
"value": "LOW"
},
{
"author": "CNVD",
"id": "CNVD-2014-07853",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-001",
"trust": 0.6,
"value": "LOW"
},
{
"author": "VULHUB",
"id": "VHN-76188",
"trust": 0.1,
"value": "LOW"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "VULHUB",
"id": "VHN-76188"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator\u0027s MD5 password hash via a direct request for the /.htpasswd URI. In addition, JVNVU#96488651 Then CWE-320 It is published as CWE-320: Key Management Errors https://cwe.mitre.org/data/definitions/320.htmlBy a third party /.htpasswd URI Via a direct request to MD5 A password hash may be obtained. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "BID",
"id": "70860"
},
{
"db": "VULHUB",
"id": "VHN-76188"
}
],
"trust": 3.24
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8243",
"trust": 3.4
},
{
"db": "CERT/CC",
"id": "VU#447516",
"trust": 3.3
},
{
"db": "BID",
"id": "70860",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU96488651",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188",
"trust": 0.8
},
{
"db": "CNVD",
"id": "CNVD-2014-07853",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201411-001",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-76188",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "VULHUB",
"id": "VHN-76188"
},
{
"db": "BID",
"id": "70860"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
]
},
"id": "VAR-201411-0433",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "VULHUB",
"id": "VHN-76188"
}
],
"trust": 1.53333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07853"
}
]
},
"last_update_date": "2023-12-18T13:24:49.269000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "EA2700 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-apac/support/routers/ea2700"
},
{
"title": "EA6900 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6900"
},
{
"title": "EA3500 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-apac/support/routers/ea3500"
},
{
"title": "EA4500 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea4500"
},
{
"title": "EA6200 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6200"
},
{
"title": "EA6300 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6300"
},
{
"title": "EA6400 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6400"
},
{
"title": "EA6500 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6500"
},
{
"title": "E4200 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/e4200"
},
{
"title": "EA6700 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6700"
},
{
"title": "Patch for Linksys SMART WiFi Information Disclosure Vulnerability (CNVD-2014-07853)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/51556"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-310",
"trust": 1.9
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76188"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"db": "NVD",
"id": "CVE-2014-8243"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "http://www.kb.cert.org/vuls/id/447516"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8243"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/e4200"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea4500"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6200"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6300"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6400"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6500"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6700"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6900"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8243"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96488651/index.html"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "VULHUB",
"id": "VHN-76188"
},
{
"db": "BID",
"id": "70860"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"db": "VULHUB",
"id": "VHN-76188"
},
{
"db": "BID",
"id": "70860"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-31T00:00:00",
"db": "CERT/CC",
"id": "VU#447516"
},
{
"date": "2014-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"date": "2014-11-01T00:00:00",
"db": "VULHUB",
"id": "VHN-76188"
},
{
"date": "2014-10-31T00:00:00",
"db": "BID",
"id": "70860"
},
{
"date": "2014-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"date": "2014-11-01T10:55:02.790000",
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"date": "2014-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#447516"
},
{
"date": "2014-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07853"
},
{
"date": "2014-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-76188"
},
{
"date": "2014-10-31T00:00:00",
"db": "BID",
"id": "70860"
},
{
"date": "2014-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005188"
},
{
"date": "2014-11-04T02:38:06.157000",
"db": "NVD",
"id": "CVE-2014-8243"
},
{
"date": "2014-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "specific network environment",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys SMART WiFi firmware contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "encryption problem",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-001"
}
],
"trust": 0.6
}
}
VAR-201411-0434
Vulnerability from variot - Updated: 2023-12-18 13:24Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request. Linksys EA series routers running the Linksys SMART WiFi firmware contain multiple vulnerabilities. This may aid in further attacks
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201411-0434",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ea2700",
"scope": null,
"trust": 1.6,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea3500",
"scope": null,
"trust": 1.6,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea3500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea3500",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "ea6200",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.41"
},
{
"model": "ea6500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6900",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.42"
},
{
"model": "ea2700",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6400",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6900",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6700",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea4500",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6500",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea6400",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "e4200v2",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea4500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6700",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea2700",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "e4200v2",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6300",
"scope": "lte",
"trust": 1.0,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea6200",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6300",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "linksys",
"version": null
},
{
"model": "e4200v2",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "e4200v2",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "2.1.41 (build 162351)"
},
{
"model": "ea4500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea4500",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "2.1.41 (build 162351)"
},
{
"model": "ea6200",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6200",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.41 (build 162599)"
},
{
"model": "ea6300",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6300",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6400",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6400",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6500",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6700",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6700",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.40 (build 160989)"
},
{
"model": "ea6900",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6900",
"scope": "lt",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.42 (build 161129)"
},
{
"model": "smart wifi build",
"scope": "lt",
"trust": 0.6,
"vendor": "cisco",
"version": "2.1.41162351"
},
{
"model": "ea2700",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "ea6900",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.42"
},
{
"model": "ea6700",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea6500",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "e4200v2",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6300",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
},
{
"model": "ea3500",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14294"
},
{
"model": "ea6200",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.41"
},
{
"model": "ea4500",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "2.0.14212.1"
},
{
"model": "ea6400",
"scope": "eq",
"trust": 0.6,
"vendor": "linksys",
"version": "1.1.40"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea3500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6700_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.42",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6200_firmware:*:153743:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.41",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6200:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8244"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Kyle Lovett",
"sources": [
{
"db": "BID",
"id": "70864"
}
],
"trust": 0.3
},
"cve": "CVE-2014-8244",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2014-8244",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CNVD-2014-07852",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-76189",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2014-8244",
"trust": 1.8,
"value": "HIGH"
},
{
"author": "CNVD",
"id": "CNVD-2014-07852",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201411-002",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-76189",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2014-8244",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "VULHUB",
"id": "VHN-76189"
},
{
"db": "VULMON",
"id": "CVE-2014-8244"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request. Linksys EA series routers running the Linksys SMART WiFi firmware contain multiple vulnerabilities. This may aid in further attacks",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "BID",
"id": "70864"
},
{
"db": "VULHUB",
"id": "VHN-76189"
},
{
"db": "VULMON",
"id": "CVE-2014-8244"
}
],
"trust": 3.33
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8244",
"trust": 3.5
},
{
"db": "CERT/CC",
"id": "VU#447516",
"trust": 3.4
},
{
"db": "BID",
"id": "70864",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU96488651",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201411-002",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-07852",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-76189",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2014-8244",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "VULHUB",
"id": "VHN-76189"
},
{
"db": "VULMON",
"id": "CVE-2014-8244"
},
{
"db": "BID",
"id": "70864"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"id": "VAR-201411-0434",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "VULHUB",
"id": "VHN-76189"
}
],
"trust": 1.53333335
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07852"
}
]
},
"last_update_date": "2023-12-18T13:24:49.228000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "EA2700 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-apac/support/routers/ea2700"
},
{
"title": "EA6900 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6900"
},
{
"title": "EA3500 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-apac/support/routers/ea3500"
},
{
"title": "EA4500 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea4500"
},
{
"title": "EA6200 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6200"
},
{
"title": "EA6300 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6300"
},
{
"title": "EA6400 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6400"
},
{
"title": "EA6500 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6500"
},
{
"title": "E4200 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/e4200"
},
{
"title": "EA6700 Support",
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6700"
},
{
"title": "Patch for Linksys SMART WiFi Information Disclosure Vulnerability (CNVD-2014-07852)",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/51555"
},
{
"title": "FW_EA6200_1.1.41.164830_prod",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=54674"
},
{
"title": "EA6500v1.2.0.14212.1-Setup",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=54676"
},
{
"title": "FW_EA6700_1.1.40.160989_prod",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=54677"
},
{
"title": "FW_EA6900_1.1.42.161129_prod",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=54678"
},
{
"title": "FW_EA6300_1.1.40.160989_prod",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=54675"
},
{
"title": "LinksysLeaks",
"trust": 0.1,
"url": "https://github.com/jollyjumbuckk/linksysleaks "
},
{
"title": "vulnerability-reports-and-pocs",
"trust": 0.1,
"url": "https://github.com/zeropwn/vulnerability-reports-and-pocs "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/khulnasoft-labs/awesome-security "
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "VULMON",
"id": "CVE-2014-8244"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-200",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76189"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "NVD",
"id": "CVE-2014-8244"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.6,
"url": "http://www.kb.cert.org/vuls/id/447516"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8244"
},
{
"trust": 0.9,
"url": "http://cwe.mitre.org/data/definitions/200.html"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/e4200"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea4500"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6200"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6300"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6400"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6500"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6700"
},
{
"trust": 0.8,
"url": "http://support.linksys.com/en-us/support/routers/ea6900"
},
{
"trust": 0.8,
"url": "http://cwe.mitre.org/data/definitions/310.html"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8244"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu96488651/index.html"
},
{
"trust": 0.3,
"url": "http://www.linksys.com/"
},
{
"trust": 0.1,
"url": "https://github.com/jollyjumbuckk/linksysleaks"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "VULHUB",
"id": "VHN-76189"
},
{
"db": "VULMON",
"id": "CVE-2014-8244"
},
{
"db": "BID",
"id": "70864"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#447516"
},
{
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"db": "VULHUB",
"id": "VHN-76189"
},
{
"db": "VULMON",
"id": "CVE-2014-8244"
},
{
"db": "BID",
"id": "70864"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-31T00:00:00",
"db": "CERT/CC",
"id": "VU#447516"
},
{
"date": "2014-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"date": "2014-11-01T00:00:00",
"db": "VULHUB",
"id": "VHN-76189"
},
{
"date": "2014-11-01T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8244"
},
{
"date": "2014-10-31T00:00:00",
"db": "BID",
"id": "70864"
},
{
"date": "2014-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"date": "2014-11-01T10:55:02.853000",
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"date": "2014-11-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-11-07T00:00:00",
"db": "CERT/CC",
"id": "VU#447516"
},
{
"date": "2014-11-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-07852"
},
{
"date": "2014-11-04T00:00:00",
"db": "VULHUB",
"id": "VHN-76189"
},
{
"date": "2014-11-04T00:00:00",
"db": "VULMON",
"id": "CVE-2014-8244"
},
{
"date": "2014-10-31T00:00:00",
"db": "BID",
"id": "70864"
},
{
"date": "2014-11-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-005189"
},
{
"date": "2014-11-04T02:42:20.657000",
"db": "NVD",
"id": "CVE-2014-8244"
},
{
"date": "2014-11-13T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys SMART WiFi firmware contains multiple vulnerabilities",
"sources": [
{
"db": "CERT/CC",
"id": "VU#447516"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "information disclosure",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201411-002"
}
],
"trust": 0.6
}
}
VAR-201409-0056
Vulnerability from variot - Updated: 2023-12-18 13:09Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter. The Linksys EA6500 is a wireless router device. An attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. Other attacks are possible
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201409-0056",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "ea6500",
"scope": "eq",
"trust": 1.9,
"vendor": "linksys",
"version": "1.1.28.147876"
},
{
"model": "ea6500",
"scope": "eq",
"trust": 1.0,
"vendor": "linksys",
"version": null
},
{
"model": "ea6500",
"scope": null,
"trust": 0.8,
"vendor": "cisco linksys",
"version": null
},
{
"model": "ea6500",
"scope": "eq",
"trust": 0.8,
"vendor": "cisco linksys",
"version": "1.1.28.147876"
},
{
"model": "linksys ea6500",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "1.1.28.147876"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"db": "BID",
"id": "70287"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3064"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Jacob Thompson",
"sources": [
{
"db": "BID",
"id": "70287"
}
],
"trust": 0.3
},
"cve": "CVE-2013-3064",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"trust": 1.0,
"userInteractionRequired": true,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Medium",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 6.8,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2013-3064",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Medium",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-06827",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 8.6,
"id": "VHN-63066",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "NVD",
"id": "CVE-2013-3064",
"trust": 1.8,
"value": "MEDIUM"
},
{
"author": "CNVD",
"id": "CNVD-2014-06827",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "CNNVD",
"id": "CNNVD-201409-1108",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-63066",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"db": "VULHUB",
"id": "VHN-63066"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter. The Linksys EA6500 is a wireless router device. \nAn attacker can leverage this issue by constructing a crafted URI and enticing a user to follow it. Other attacks are possible",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"db": "BID",
"id": "70287"
},
{
"db": "VULHUB",
"id": "VHN-63066"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-3064",
"trust": 3.4
},
{
"db": "BID",
"id": "70287",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006646",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1108",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-06827",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-63066",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"db": "VULHUB",
"id": "VHN-63066"
},
{
"db": "BID",
"id": "70287"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
]
},
"id": "VAR-201409-0056",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"db": "VULHUB",
"id": "VHN-63066"
}
],
"trust": 1.45
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06827"
}
]
},
"last_update_date": "2023-12-18T13:09:19.933000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Linksys Home Networking",
"trust": 0.8,
"url": "http://www.linksys.com/en-apac/home"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"db": "NVD",
"id": "CVE-2013-3064"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
},
{
"trust": 2.6,
"url": "http://securityevaluators.com/knowledge/case_studies/routers/vulnerability_catalog.pdf"
},
{
"trust": 1.4,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-3064"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-3064"
},
{
"trust": 0.3,
"url": "http://home.cisco.com/en-us/home"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"db": "VULHUB",
"id": "VHN-63066"
},
{
"db": "BID",
"id": "70287"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"db": "VULHUB",
"id": "VHN-63066"
},
{
"db": "BID",
"id": "70287"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"date": "2014-09-29T00:00:00",
"db": "VULHUB",
"id": "VHN-63066"
},
{
"date": "2014-09-29T00:00:00",
"db": "BID",
"id": "70287"
},
{
"date": "2014-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"date": "2014-09-29T22:55:08.127000",
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"date": "2014-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-10-16T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-06827"
},
{
"date": "2014-09-30T00:00:00",
"db": "VULHUB",
"id": "VHN-63066"
},
{
"date": "2014-09-29T00:00:00",
"db": "BID",
"id": "70287"
},
{
"date": "2014-10-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006646"
},
{
"date": "2014-09-30T18:23:24.327000",
"db": "NVD",
"id": "CVE-2013-3064"
},
{
"date": "2014-09-30T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201409-1108"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Linksys EA6500 Of firmware ui/dynamic/unsecured.html Open redirect vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006646"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Input Validation Error",
"sources": [
{
"db": "BID",
"id": "70287"
}
],
"trust": 0.3
}
}
FKIE_CVE-2014-8244
Vulnerability from fkie_nvd - Published: 2014-11-01 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/447516 | Exploit, Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/447516 | Exploit, Patch, Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linksys | ea3500_firmware | * | |
| linksys | ea3500 | - | |
| linksys | ea6700_firmware | * | |
| linksys | ea6700 | - | |
| linksys | ea6500_firmware | * | |
| linksys | ea6500 | - | |
| linksys | ea4500_firmware | * | |
| linksys | ea4500 | - | |
| linksys | ea6900_firmware | * | |
| linksys | ea6900 | - | |
| linksys | ea2700_firmware | * | |
| linksys | ea2700 | - | |
| linksys | ea6400_firmware | * | |
| linksys | ea6400 | - | |
| linksys | ea6200_firmware | * | |
| linksys | ea6200 | - | |
| linksys | ea6300_firmware | * | |
| linksys | ea6300 | - | |
| linksys | e4200v2_firmware | * | |
| linksys | e4200v2 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3408C1A9-6620-48F3-8F9F-6AB8160100D4",
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7900CB-84CC-476B-B0B6-490625F40D4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6700_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "5538CA50-CF31-4C2A-B817-97BA98D4CCF2",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2308E051-EAD1-4558-84F3-C4B665CB3088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "373B9DE7-4B12-46EB-AADE-991C624AF2C2",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EADC8D1-E9D1-4DBA-A5B9-E58FE3770353",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1A4B40-0652-4235-A142-B239021D8BB4",
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F4E6A9-A5EC-4B0A-8328-DC05AB5AFB88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:*",
"matchCriteriaId": "699BC2F3-5C61-4A2C-960D-577D73D7A3CD",
"versionEndIncluding": "1.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1523B074-97B4-4744-9D49-4A6447377B51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01D5B2C-EF7E-4B5F-BA85-D48C1A2F1128",
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5478779B-2AA9-443E-A59E-4F5318138977",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "92806FDB-FF8F-48AB-B2CB-C182636287A8",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EBE448A-0934-460A-8273-BED87A372401",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6200_firmware:*:153743:*:*:*:*:*:*",
"matchCriteriaId": "56CE26A9-BB16-4C7F-BC9A-A2AA57DABE1E",
"versionEndIncluding": "1.1.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC731379-8F48-4181-ABBC-23B230E6851F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "9617D6A5-633E-44D3-B471-0AE54F3B0829",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD05641-3B22-402F-A019-586FEF08AAE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC4B949-183A-4581-BE90-CE831C495268",
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9600AA5-1C29-4C14-8072-94A701AF11B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request."
},
{
"lang": "es",
"value": "Linksys SMART WiFi firmware en los dispositivos EA2700 y EA3500; anterior a 2.1.41 build 162351 en los dispositivos E4200v2 y EA4500; anterior a 1.1.41 build 162599 en los dispositivos EA6200; anterior a 1.1.40 build 160989 en los dispositivos EA6300, EA6400, EA6500, y EA6700; y anterior a 1.1.42 build 161129 en los dispositivos EA6900 permite a atacantes remotos obtener informaci\u00f3n o modificar datos a trav\u00e9s de una acci\u00f3n JNAP en una solicitud JNAP/ HTTP."
}
],
"id": "CVE-2014-8244",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-01T10:55:02.853",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2014-8243
Vulnerability from fkie_nvd - Published: 2014-11-01 10:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.
References
| URL | Tags | ||
|---|---|---|---|
| cret@cert.org | http://www.kb.cert.org/vuls/id/447516 | Exploit, Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/447516 | Exploit, Patch, Third Party Advisory, US Government Resource |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linksys | ea4500_firmware | * | |
| linksys | ea4500 | - | |
| linksys | ea6500_firmware | * | |
| linksys | ea6500 | - | |
| linksys | ea6400_firmware | * | |
| linksys | ea6400 | - | |
| linksys | e4200v2_firmware | * | |
| linksys | e4200v2 | - | |
| linksys | ea6300_firmware | * | |
| linksys | ea6300 | - | |
| linksys | ea6900_firmware | * | |
| linksys | ea6900 | - | |
| linksys | ea2700_firmware | * | |
| linksys | ea2700 | - | |
| linksys | ea3500_firmware | * | |
| linksys | ea3500 | - | |
| linksys | ea6200_firmware | * | |
| linksys | ea6200 | - | |
| linksys | ea6700_firmware | * | |
| linksys | ea6700 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1F1A4B40-0652-4235-A142-B239021D8BB4",
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "19F4E6A9-A5EC-4B0A-8328-DC05AB5AFB88",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "373B9DE7-4B12-46EB-AADE-991C624AF2C2",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EADC8D1-E9D1-4DBA-A5B9-E58FE3770353",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "92806FDB-FF8F-48AB-B2CB-C182636287A8",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4EBE448A-0934-460A-8273-BED87A372401",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AC4B949-183A-4581-BE90-CE831C495268",
"versionEndIncluding": "2.0.14212.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C9600AA5-1C29-4C14-8072-94A701AF11B2",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "9617D6A5-633E-44D3-B471-0AE54F3B0829",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD05641-3B22-402F-A019-586FEF08AAE7",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:*",
"matchCriteriaId": "699BC2F3-5C61-4A2C-960D-577D73D7A3CD",
"versionEndIncluding": "1.1.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1523B074-97B4-4744-9D49-4A6447377B51",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D01D5B2C-EF7E-4B5F-BA85-D48C1A2F1128",
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "5478779B-2AA9-443E-A59E-4F5318138977",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "3408C1A9-6620-48F3-8F9F-6AB8160100D4",
"versionEndIncluding": "2.0.14294",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea3500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7A7900CB-84CC-476B-B0B6-490625F40D4C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6200_firmware:*:153743:*:*:*:*:*:*",
"matchCriteriaId": "56CE26A9-BB16-4C7F-BC9A-A2AA57DABE1E",
"versionEndIncluding": "1.1.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6200:-:*:*:*:*:*:*:*",
"matchCriteriaId": "FC731379-8F48-4181-ABBC-23B230E6851F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6700_firmware:*:153731:*:*:*:*:*:*",
"matchCriteriaId": "5538CA50-CF31-4C2A-B817-97BA98D4CCF2",
"versionEndIncluding": "1.1.40",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6700:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2308E051-EAD1-4558-84F3-C4B665CB3088",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator\u0027s MD5 password hash via a direct request for the /.htpasswd URI."
},
{
"lang": "es",
"value": "Linksys SMART WiFi firmware en los dispositivos EA2700 y EA3500; anterior a 2.1.41 build 162351 en los dispositivos E4200v2 y EA4500; anterior a 1.1.41 build 162599 en los dispositivos EA6200; anterior a 1.1.40 build 160989 en los dispositivos EA6300, EA6400, EA6500, y EA6700 devices; y anterior a 1.1.42 build 161129 en los dispositivos EA6900 permite a atacantes remotos obtener el hash de la contrase\u00f1a MD5 del administrador a trav\u00e9s de una solicitud directa para la URI /.htpasswd."
}
],
"id": "CVE-2014-8243",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2014-11-01T10:55:02.790",
"references": [
{
"source": "cret@cert.org",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"sourceIdentifier": "cret@cert.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-310"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3064
Vulnerability from fkie_nvd - Published: 2014-09-29 22:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linksys | ea6500_firmware | 1.1.28.147876 | |
| linksys | ea6500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*",
"matchCriteriaId": "B48B8672-1F23-434E-AC77-1EEBCFC62D6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EADC8D1-E9D1-4DBA-A5B9-E58FE3770353",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter."
},
{
"lang": "es",
"value": "Vulnerabilidad de redirecci\u00f3n abierta en ui/dynamic/unsecured.html en Linksys EA6500 can firmware 1.1.28.147876 permite a atacantes remotos redirigir usuarios hacia sitios web arbitrarios y realizar ataques de phishing a trav\u00e9s de una URL en el par\u00e1metro target."
}
],
"evaluatorComment": "\u003ca href = \"http://cwe.mitre.org/data/definitions/601.html\"\u003e CWE-601: URL Redirection to Untrusted Site (\u0027Open Redirect\u0027) \u003c/a\u003e",
"id": "CVE-2013-3064",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-09-29T22:55:08.127",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3066
Vulnerability from fkie_nvd - Published: 2014-09-29 22:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linksys | ea6500_firmware | 1.1.28.147876 | |
| linksys | ea6500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*",
"matchCriteriaId": "B48B8672-1F23-434E-AC77-1EEBCFC62D6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EADC8D1-E9D1-4DBA-A5B9-E58FE3770353",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/."
},
{
"lang": "es",
"value": "Linksys EA6500 con firmware 1.1.28.147876 no restirnge debidamente el acceso, lo que permite a atacantes remotos obtener informaci\u00f3n sensible (clientes y configuraciones de routers) a trav\u00e9s de una solicitud en /JNAP/."
}
],
"id": "CVE-2013-3066",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-09-29T22:55:08.237",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2013-3065
Vulnerability from fkie_nvd - Published: 2014-09-29 22:55 - Updated: 2025-04-12 10:46
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linksys | ea6500_firmware | 1.1.28.147876 | |
| linksys | ea6500 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*",
"matchCriteriaId": "B48B8672-1F23-434E-AC77-1EEBCFC62D6E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*",
"matchCriteriaId": "6EADC8D1-E9D1-4DBA-A5B9-E58FE3770353",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section."
},
{
"lang": "es",
"value": "Vulnerabilidad de XSS en la secci\u00f3n Parental Controls en Linksys EA6500 con firmware 1.1.28.147876 permite a usuarios remotos autenticados inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de vectores relacionados con la secci\u00f3n Blocked Specific Sites."
}
],
"id": "CVE-2013-3065",
"lastModified": "2025-04-12T10:46:40.837",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-09-29T22:55:08.190",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2014-8243 (GCVE-0-2014-8243)
Vulnerability from cvelistv5 – Published: 2014-11-01 10:00 – Updated: 2024-08-06 13:10
VLAI?
Summary
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator\u0027s MD5 password hash via a direct request for the /.htpasswd URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-01T04:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-8243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator\u0027s MD5 password hash via a direct request for the /.htpasswd URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#447516",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/447516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-8243",
"datePublished": "2014-11-01T10:00:00",
"dateReserved": "2014-10-12T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8244 (GCVE-0-2014-8244)
Vulnerability from cvelistv5 – Published: 2014-11-01 10:00 – Updated: 2024-08-06 13:10
VLAI?
Summary
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:51.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-01T04:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-8244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#447516",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/447516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-8244",
"datePublished": "2014-11-01T10:00:00",
"dateReserved": "2014-10-12T00:00:00",
"dateUpdated": "2024-08-06T13:10:51.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3066 (GCVE-0-2013-3066)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3066",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-15T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3064 (GCVE-0-2013-3064)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3064",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-15T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3065 (GCVE-0-2013-3065)
Vulnerability from cvelistv5 – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3065",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-15T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8243 (GCVE-0-2014-8243)
Vulnerability from nvd – Published: 2014-11-01 10:00 – Updated: 2024-08-06 13:10
VLAI?
Summary
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:50.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator\u0027s MD5 password hash via a direct request for the /.htpasswd URI."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-01T04:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-8243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator\u0027s MD5 password hash via a direct request for the /.htpasswd URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#447516",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/447516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-8243",
"datePublished": "2014-11-01T10:00:00",
"dateReserved": "2014-10-12T00:00:00",
"dateUpdated": "2024-08-06T13:10:50.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2014-8244 (GCVE-0-2014-8244)
Vulnerability from nvd – Published: 2014-11-01 10:00 – Updated: 2024-08-06 13:10
VLAI?
Summary
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T13:10:51.252Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-10-31T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-11-01T04:57:00",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"name": "VU#447516",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/447516"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cert@cert.org",
"ID": "CVE-2014-8244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#447516",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/447516"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2014-8244",
"datePublished": "2014-11-01T10:00:00",
"dateReserved": "2014-10-12T00:00:00",
"dateUpdated": "2024-08-06T13:10:51.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3066 (GCVE-0-2013-3066)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.445Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3066",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-15T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.445Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3064 (GCVE-0-2013-3064)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.630Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Open redirect vulnerability in ui/dynamic/unsecured.html in Linksys EA6500 with firmware 1.1.28.147876 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the target parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3064",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-15T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.630Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2013-3065 (GCVE-0-2013-3065)
Vulnerability from nvd – Published: 2014-09-29 22:00 – Updated: 2024-08-06 16:00
VLAI?
Summary
Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T16:00:09.890Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-04-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2014-09-29T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-3065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the Parental Controls section in Linksys EA6500 with firmware 1.1.28.147876 allows remote authenticated users to inject arbitrary web script or HTML via vectors related to the Blocked Specific Sites section."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf"
},
{
"name": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php",
"refsource": "MISC",
"url": "http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2013-3065",
"datePublished": "2014-09-29T22:00:00",
"dateReserved": "2013-04-15T00:00:00",
"dateUpdated": "2024-08-06T16:00:09.890Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}