{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-10-31T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-11-01T04:57:00.000Z", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "VU#447516", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/447516"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2014-8243", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "VU#447516", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/447516"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:10:50.927Z"}, "title": "CVE Program Container", "references": [{"name": "VU#447516", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/447516"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2014-8243", "datePublished": "2014-11-01T10:00:00.000Z", "dateReserved": "2014-10-12T00:00:00.000Z", "dateUpdated": "2024-08-06T13:10:50.927Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1F1A4B40-0652-4235-A142-B239021D8BB4", "versionEndIncluding": "2.0.14212.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*", "matchCriteriaId": "19F4E6A9-A5EC-4B0A-8328-DC05AB5AFB88", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:*", "matchCriteriaId": "373B9DE7-4B12-46EB-AADE-991C624AF2C2", "versionEndIncluding": "1.1.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*", "matchCriteriaId": "6EADC8D1-E9D1-4DBA-A5B9-E58FE3770353", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:*", "matchCriteriaId": "92806FDB-FF8F-48AB-B2CB-C182636287A8", "versionEndIncluding": "1.1.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:*", "matchCriteriaId": "4EBE448A-0934-460A-8273-BED87A372401", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9AC4B949-183A-4581-BE90-CE831C495268", "versionEndIncluding": "2.0.14212.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "C9600AA5-1C29-4C14-8072-94A701AF11B2", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:*", "matchCriteriaId": "9617D6A5-633E-44D3-B471-0AE54F3B0829", "versionEndIncluding": "1.1.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:*", "matchCriteriaId": "3FD05641-3B22-402F-A019-586FEF08AAE7", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:*", "matchCriteriaId": "699BC2F3-5C61-4A2C-960D-577D73D7A3CD", "versionEndIncluding": "1.1.42", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:*", "matchCriteriaId": "1523B074-97B4-4744-9D49-4A6447377B51", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "D01D5B2C-EF7E-4B5F-BA85-D48C1A2F1128", "versionEndIncluding": "2.0.14294", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:*", "matchCriteriaId": "5478779B-2AA9-443E-A59E-4F5318138977", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3408C1A9-6620-48F3-8F9F-6AB8160100D4", "versionEndIncluding": "2.0.14294", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea3500:-:*:*:*:*:*:*:*", "matchCriteriaId": "7A7900CB-84CC-476B-B0B6-490625F40D4C", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6200_firmware:*:153743:*:*:*:*:*:*", "matchCriteriaId": "56CE26A9-BB16-4C7F-BC9A-A2AA57DABE1E", "versionEndIncluding": "1.1.41", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6200:-:*:*:*:*:*:*:*", "matchCriteriaId": "FC731379-8F48-4181-ABBC-23B230E6851F", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6700_firmware:*:153731:*:*:*:*:*:*", "matchCriteriaId": "5538CA50-CF31-4C2A-B817-97BA98D4CCF2", "versionEndIncluding": "1.1.40", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6700:-:*:*:*:*:*:*:*", "matchCriteriaId": "2308E051-EAD1-4558-84F3-C4B665CB3088", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI."}, {"lang": "es", "value": "Linksys SMART WiFi firmware en los dispositivos EA2700 y EA3500; anterior a 2.1.41 build 162351 en los dispositivos E4200v2 y EA4500; anterior a 1.1.41 build 162599 en los dispositivos EA6200; anterior a 1.1.40 build 160989 en los dispositivos EA6300, EA6400, EA6500, y EA6700 devices; y anterior a 1.1.42 build 161129 en los dispositivos EA6900 permite a atacantes remotos obtener el hash de la contrase\u00f1a MD5 del administrador a trav\u00e9s de una solicitud directa para la URI /.htpasswd."}], "id": "CVE-2014-8243", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-11-01T10:55:02.790", "references": [{"source": "cret@cert.org", "tags": ["Exploit", "Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/447516"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Patch", "Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/447516"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-310"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}