fkie_cve-2014-2719
Vulnerability from fkie_nvd
Published
2014-04-22 13:06
Modified
2024-11-21 02:06
Severity ?
Summary
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.
References
cve@mitre.orghttp://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
cve@mitre.orghttp://seclists.org/fulldisclosure/2014/Apr/225
cve@mitre.orghttp://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
cve@mitre.orghttps://support.t-mobile.com/docs/DOC-21994
af854a3a-2127-422b-91ae-364da2661108http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2014/Apr/225
af854a3a-2127-422b-91ae-364da2661108http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29
af854a3a-2127-422b-91ae-364da2661108https://support.t-mobile.com/docs/DOC-21994
Impacted products
Vendor Product Version
asus rt-ac66u_firmware 3.0.0.4.140
asus rt-ac66u_firmware 3.0.0.4.220
asus rt-ac66u_firmware 3.0.0.4.246
asus rt-ac66u_firmware 3.0.0.4.260
asus rt-ac66u_firmware 3.0.0.4.270
asus rt-ac66u_firmware 3.0.0.4.354
asus rt-ac68u_firmware 3.0.0.4.374.4755
asus rt-ac68u_firmware 3.0.0.4.374_4561
asus rt-ac68u_firmware 3.0.0.4.374_4887
asus rt-n10e_firmware 2.0.0.7
asus rt-n10e_firmware 2.0.0.10
asus rt-n10e_firmware 2.0.0.16
asus rt-n10e_firmware 2.0.0.19
asus rt-n10e_firmware 2.0.0.20
asus rt-n10e_firmware 2.0.0.24
asus rt-n10e_firmware 2.0.0.25
asus rt-n14u_firmware 3.0.0.4.322
asus rt-n14u_firmware 3.0.0.4.356
asus rt-n16_firmware 1.0.1.9
asus rt-n16_firmware 1.0.2.3
asus rt-n16_firmware 3.0.0.3.108
asus rt-n16_firmware 3.0.0.3.162
asus rt-n16_firmware 3.0.0.3.178
asus rt-n16_firmware 3.0.0.4.220
asus rt-n16_firmware 3.0.0.4.246
asus rt-n16_firmware 3.0.0.4.260
asus rt-n16_firmware 3.0.0.4.354
asus rt-n16_firmware 7.0.2.38b
asus rt-n56u_firmware 1.0.1.4
asus rt-n56u_firmware 1.0.1.4o
asus rt-n56u_firmware 1.0.1.7c
asus rt-n56u_firmware 1.0.1.7f
asus rt-n56u_firmware 1.0.1.8j
asus rt-n56u_firmware 1.0.1.8l
asus rt-n56u_firmware 1.0.1.8n
asus rt-n56u_firmware 3.0.0.4.318
asus rt-n56u_firmware 3.0.0.4.334
asus rt-n56u_firmware 3.0.0.4.342
asus rt-n56u_firmware 3.0.0.4.360
asus rt-n56u_firmware 7.0.1.21
asus rt-n56u_firmware 7.0.1.32
asus rt-n56u_firmware 8.1.1.4
asus rt-n65u_firmware 3.0.0.3.134
asus rt-n65u_firmware 3.0.0.3.176
asus rt-n65u_firmware 3.0.0.4.260
asus rt-n65u_firmware 3.0.0.4.334
asus rt-n65u_firmware 3.0.0.4.342
asus rt-n65u_firmware 3.0.0.4.346
asus rt-n66u_firmware 3.0.0.4.272
asus rt-n66u_firmware 3.0.0.4.370
asus rt-ac68u -
t-mobile tm-ac1900 3.0.0.4.376_3169


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.140:*:*:*:*:*:*:*",
              "matchCriteriaId": "A946A449-7623-48FE-878A-E17DA2F41A11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.220:*:*:*:*:*:*:*",
              "matchCriteriaId": "A023852A-84B7-4937-886D-8893CD778DDF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.246:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB8B4AB-0EF4-4963-AE20-F4F1C3ABFC26",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
              "matchCriteriaId": "553DE051-C59F-4B16-A733-C2055B14DB1E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.270:*:*:*:*:*:*:*",
              "matchCriteriaId": "37AE944A-EF53-4F57-8A86-7DE209F00D17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.354:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AE0E4E9-B08F-4DB3-A5D5-DBCDA81E4200",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755:*:*:*:*:*:*:*",
              "matchCriteriaId": "536FCD9A-4DBA-465D-8FE8-9E9D815BAB81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561:*:*:*:*:*:*:*",
              "matchCriteriaId": "6E3E3F39-1F5A-4AE5-A379-3344BFC1E00D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887:*:*:*:*:*:*:*",
              "matchCriteriaId": "753D3C81-F078-47B9-8D0B-822EBE9443AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "AEB012B3-5C57-4310-8F1A-208D2E470A6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F1D15BC-D83F-4949-863B-817FA2A0A23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "0ACDCE11-5422-4AB1-AC89-3C3DF05FDE1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C7607C5-EF0C-40FA-BADA-2316BA4A5E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "340D98A2-2018-4A24-B654-3A7032FCE518",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "94999CA4-A60A-4F1E-8933-2CB1CA9D83A0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "132C4DDD-5914-47E0-BDBA-E918E7F0E747",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.322:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7A0A4C1-226A-42D5-A728-CBB7D2B02A50",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.356:*:*:*:*:*:*:*",
              "matchCriteriaId": "3A04943B-0627-4B6D-A01A-3722F7025723",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:1.0.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "C76611FB-9811-48E5-8F16-824A15CFC226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:1.0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6887911A-9CD0-419C-AE2E-932F8AD179DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.108:*:*:*:*:*:*:*",
              "matchCriteriaId": "65D943A4-CD5D-4381-8C4F-FF4FC600F226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.162:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AA3CD4B-B518-459B-AFF5-CCFF47D3BAEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.178:*:*:*:*:*:*:*",
              "matchCriteriaId": "939D788D-BFF7-4DEB-8C47-751532E4AC36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.220:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF6BBB0E-D69B-4854-8A5C-D6C20ABB857E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.246:*:*:*:*:*:*:*",
              "matchCriteriaId": "8C1CCB22-3D8D-4618-819B-2EA14C42A4C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
              "matchCriteriaId": "715FFC31-33A1-469E-BF65-4749F6643EEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.354:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1A3AFBC-A89F-4037-B863-55F7791A3635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n16_firmware:7.0.2.38b:*:*:*:*:*:*:*",
              "matchCriteriaId": "2E0EAF76-C2F8-4AD5-BF3D-0922DEED7B46",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D8E3CB7-1ADA-428C-881F-BB266991F39D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4o:*:*:*:*:*:*:*",
              "matchCriteriaId": "699F6C57-F1AE-4AF5-BF56-529D41C91068",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7c:*:*:*:*:*:*:*",
              "matchCriteriaId": "F17E0B8C-7BA1-4FC5-84EC-4FFC87A9AC12",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7f:*:*:*:*:*:*:*",
              "matchCriteriaId": "69C68ABB-391D-45D8-9250-D93F8BFE305C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8j:*:*:*:*:*:*:*",
              "matchCriteriaId": "D1FDDF9C-4C30-4AAC-9449-7404181071B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8l:*:*:*:*:*:*:*",
              "matchCriteriaId": "2DE8F24A-837B-4198-B8F6-E42386D2F524",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8n:*:*:*:*:*:*:*",
              "matchCriteriaId": "14A9D580-ACD6-4F2F-9322-E6B4C72C8BE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.318:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2660735-2247-42D9-9BAA-D785D18E6F51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.334:*:*:*:*:*:*:*",
              "matchCriteriaId": "401BB537-95FB-4BFB-BC40-CD73817D7E9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.342:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A7CA72-DFAD-4E9A-BB3E-EAE9973C19C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.360:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3C65A6B-4F24-4DFE-B478-49BEE4A5FC65",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.21:*:*:*:*:*:*:*",
              "matchCriteriaId": "64BCA764-5BAD-4CAB-B39F-A1D67E44EDA9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CF40558-B7F8-4A2B-9819-EE3DD2C183AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:8.1.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F70D82C1-764C-4DF0-B296-964602D0EC54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.134:*:*:*:*:*:*:*",
              "matchCriteriaId": "02E9974C-F3E1-4145-865F-974982804823",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.176:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3979CD4-DFBC-460C-8E92-879F7C355D52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.260:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EA3F63E-F4FA-4066-AEA0-B1149E4B1190",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.334:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E9A77E0-1CC3-4E07-B99A-8DC750C982F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.342:*:*:*:*:*:*:*",
              "matchCriteriaId": "642056A2-9B4E-465C-8333-392C70D658AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.346:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E68C357-45E5-4086-9697-A9DD75E22063",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.272:*:*:*:*:*:*:*",
              "matchCriteriaId": "82C3DA99-69D6-4C2D-B485-7785EEDA38F5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.370:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CE2D06-AFAB-4284-9C63-A088F4ACEBAB",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*",
              "matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code."
    },
    {
      "lang": "es",
      "value": "Advanced_System_Content.asp en routers de la serie ASUS RT con firmware anterior a 3.0.0.4.374.5517, cuando una sesi\u00f3n de administrador est\u00e1 activa, permite a usuarios remotos autenticados obtener el nombre de usuario y contrase\u00f1a del administrador mediante la lectura del c\u00f3digo fuente."
    }
  ],
  "id": "CVE-2014-2719",
  "lastModified": "2024-11-21T02:06:49.840",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "NONE",
          "baseScore": 6.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-04-22T13:06:29.493",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://seclists.org/fulldisclosure/2014/Apr/225"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.t-mobile.com/docs/DOC-21994"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://seclists.org/fulldisclosure/2014/Apr/225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.t-mobile.com/docs/DOC-21994"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.