cve-2014-2719
Vulnerability from cvelistv5
Published
2014-04-21 14:00
Modified
2024-08-06 10:21
Severity ?
EPSS score ?
Summary
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T10:21:36.055Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29"
},
{
"name": "20140416 ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/225"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2014-04-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-09-16T13:57:02",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29"
},
{
"name": "20140416 ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2014/Apr/225"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.t-mobile.com/docs/DOC-21994"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2719",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html",
"refsource": "MISC",
"url": "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html"
},
{
"name": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29",
"refsource": "CONFIRM",
"url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29"
},
{
"name": "20140416 ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2014/Apr/225"
},
{
"name": "https://support.t-mobile.com/docs/DOC-21994",
"refsource": "CONFIRM",
"url": "https://support.t-mobile.com/docs/DOC-21994"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2014-2719",
"datePublished": "2014-04-21T14:00:00",
"dateReserved": "2014-04-01T00:00:00",
"dateUpdated": "2024-08-06T10:21:36.055Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2014-2719\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2014-04-22T13:06:29.493\",\"lastModified\":\"2024-11-21T02:06:49.840\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.\"},{\"lang\":\"es\",\"value\":\"Advanced_System_Content.asp en routers de la serie ASUS RT con firmware anterior a 3.0.0.4.374.5517, cuando una sesi\u00f3n de administrador est\u00e1 activa, permite a usuarios remotos autenticados obtener el nombre de usuario y contrase\u00f1a del administrador mediante la lectura del c\u00f3digo fuente.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:S/C:C/I:N/A:N\",\"baseScore\":6.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":6.8,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.140:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A946A449-7623-48FE-878A-E17DA2F41A11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.220:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A023852A-84B7-4937-886D-8893CD778DDF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.246:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB8B4AB-0EF4-4963-AE20-F4F1C3ABFC26\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.260:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"553DE051-C59F-4B16-A733-C2055B14DB1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.270:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37AE944A-EF53-4F57-8A86-7DE209F00D17\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.354:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AE0E4E9-B08F-4DB3-A5D5-DBCDA81E4200\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"536FCD9A-4DBA-465D-8FE8-9E9D815BAB81\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6E3E3F39-1F5A-4AE5-A379-3344BFC1E00D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"753D3C81-F078-47B9-8D0B-822EBE9443AE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEB012B3-5C57-4310-8F1A-208D2E470A6C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8F1D15BC-D83F-4949-863B-817FA2A0A23D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0ACDCE11-5422-4AB1-AC89-3C3DF05FDE1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C7607C5-EF0C-40FA-BADA-2316BA4A5E41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"340D98A2-2018-4A24-B654-3A7032FCE518\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"94999CA4-A60A-4F1E-8933-2CB1CA9D83A0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132C4DDD-5914-47E0-BDBA-E918E7F0E747\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.322:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C7A0A4C1-226A-42D5-A728-CBB7D2B02A50\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.356:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A04943B-0627-4B6D-A01A-3722F7025723\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:1.0.1.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C76611FB-9811-48E5-8F16-824A15CFC226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:1.0.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6887911A-9CD0-419C-AE2E-932F8AD179DB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.108:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"65D943A4-CD5D-4381-8C4F-FF4FC600F226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.162:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5AA3CD4B-B518-459B-AFF5-CCFF47D3BAEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.178:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"939D788D-BFF7-4DEB-8C47-751532E4AC36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.220:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DF6BBB0E-D69B-4854-8A5C-D6C20ABB857E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.246:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C1CCB22-3D8D-4618-819B-2EA14C42A4C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.260:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"715FFC31-33A1-469E-BF65-4749F6643EEF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.354:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C1A3AFBC-A89F-4037-B863-55F7791A3635\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n16_firmware:7.0.2.38b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E0EAF76-C2F8-4AD5-BF3D-0922DEED7B46\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D8E3CB7-1ADA-428C-881F-BB266991F39D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4o:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"699F6C57-F1AE-4AF5-BF56-529D41C91068\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7c:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F17E0B8C-7BA1-4FC5-84EC-4FFC87A9AC12\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7f:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"69C68ABB-391D-45D8-9250-D93F8BFE305C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8j:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1FDDF9C-4C30-4AAC-9449-7404181071B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8l:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2DE8F24A-837B-4198-B8F6-E42386D2F524\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8n:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14A9D580-ACD6-4F2F-9322-E6B4C72C8BE9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.318:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2660735-2247-42D9-9BAA-D785D18E6F51\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.334:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"401BB537-95FB-4BFB-BC40-CD73817D7E9A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.342:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"04A7CA72-DFAD-4E9A-BB3E-EAE9973C19C7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.360:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3C65A6B-4F24-4DFE-B478-49BEE4A5FC65\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64BCA764-5BAD-4CAB-B39F-A1D67E44EDA9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8CF40558-B7F8-4A2B-9819-EE3DD2C183AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n56u_firmware:8.1.1.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F70D82C1-764C-4DF0-B296-964602D0EC54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.134:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02E9974C-F3E1-4145-865F-974982804823\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.176:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3979CD4-DFBC-460C-8E92-879F7C355D52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.260:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1EA3F63E-F4FA-4066-AEA0-B1149E4B1190\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.334:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E9A77E0-1CC3-4E07-B99A-8DC750C982F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.342:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"642056A2-9B4E-465C-8333-392C70D658AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.346:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E68C357-45E5-4086-9697-A9DD75E22063\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.272:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82C3DA99-69D6-4C2D-B485-7785EEDA38F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.370:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16CE2D06-AFAB-4284-9C63-A088F4ACEBAB\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E23D00B-76E3-438C-8023-3D7CC6AEEE15\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"919D9673-1FCA-431D-9F30-643AAEFAC1DA\"}]}]}],\"references\":[{\"url\":\"http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://seclists.org/fulldisclosure/2014/Apr/225\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.t-mobile.com/docs/DOC-21994\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2014/Apr/225\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.t-mobile.com/docs/DOC-21994\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.