CVE-2014-2719

CWE-200Information Exposure3 documents3 sources
Severity
6.3MEDIUM
EPSS
0.3%
top 45.90%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Asus Rt-ac66u FirmwareAsus Rt-ac68u FirmwareAsus Rt-n10e Firmware+6 more
Timeline
PublishedApr 22
Latest updateMay 17

Description

Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.

CVSS vector

AV:N/AC:M/C:C/I:N/A:NExploitability: 6.8 | Impact: 6.9

Affected Packages9 packages

NVDasus/rt-n16_firmware10 versions+9
NVDasus/rt-n10e_firmware7 versions+6
NVDasus/rt-n14u_firmware3.0.0.4.322, 3.0.0.4.356+1
NVDasus/rt-n56u_firmware14 versions+13
NVDasus/rt-n65u_firmware6 versions+5

🔴Vulnerability Details

2
GHSA
GHSA-rx4g-9g3h-5mmf: Advanced_System_Content2022-05-17
CVEList
CVE-2014-2719: Advanced_System_Content2014-04-21
CVE-2014-2719 (MEDIUM CVSS 6.3) | Advanced_System_Content.asp in the | cvebase.io