PT-2014-4660 · Axn · Axn-Net Ethernet Module Accessory

Published

2014-11-05

Updated

2014-11-05

CVE-2014-2374

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions AXN-NET Ethernet module accessory version 3.04

Description The issue allows remote attackers to discover passwords and modify settings via vectors involving JavaScript.

Recommendations For AXN-NET Ethernet module accessory version 3.04, consider disabling JavaScript as a temporary workaround until a patch is available. Restrict access to the module to minimize the risk of exploitation.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2014-2374

Affected Products

Axn-Net Ethernet Module Accessory

PT-2014-4660 · Axn · Axn-Net Ethernet Module Accessory

CVE-2014-2374

Weakness Enumeration

Related Identifiers

Affected Products

References · 3