PT-2014-4884 · Asus · Asus Rt Series

Publicado

2014-04-21

Atualizado

2016-06-30

CVE-2014-2719

CVSS v2.0

6.3

Média

Vetor

AV:N/AC:M/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions ASUS RT series routers versions prior to 3.0.0.4.374.5517

Description The issue allows remote authenticated users to obtain the administrator user name and password by reading the source code of the Advanced System Content.asp page when an administrator session is active.

Recommendations For versions prior to 3.0.0.4.374.5517, update the firmware to version 3.0.0.4.374.5517 or later to resolve the issue. As a temporary workaround, consider restricting access to the Advanced System Content.asp page until the firmware is updated.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200

Identificadores relacionados

CVE-2014-2719

Produtos afetados

Asus Rt Series

PT-2014-4884 · Asus · Asus Rt Series

CVE-2014-2719

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5