← Back

CVE-2014-2718

nvd nist
Published: Nov 4, 2014Modified: May 6, 2026

JSON object

Loading...
7.1
Vector
AV:N/AC:M/Au:N/C:N/I:C/A:N
Exploitability: 8.6 / Impact: 6.9
Source: NVD

Description

ASUS RT-AC68U, RT-AC66R, RT-AC66U, RT-AC56R, RT-AC56U, RT-N66R, RT-N66U, RT-N56R, RT-N56U, and possibly other RT-series routers before firmware 3.0.0.4.376.x do not verify the integrity of firmware (1) update information or (2) downloaded updates, which allows man-in-the-middle (MITM) attackers to execute arbitrary code via a crafted image.

Affected (2)

T Mobile
1 product
Tm Ac1900
Asus
1 product
Rt Series Firmware
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Tm Ac1900
Version 3.0.0.4.376_3169
Configuration B
1 vulnerable · 8 platform
Vulnerable SoftwareAffected Versions
Rt Series Firmware
Up to 3.0.0.4.374.x
Running on/withPlatform Versions
Asus
Rt Ac56r
All versions
Asus
Rt Ac66r
All versions
Asus
Rt Ac66u
All versions
Asus
Rt Ac68u
All versions
Asus
Rt N56r
All versions
Asus
Rt N56u
All versions
Asus
Rt N66r
All versions
Asus
Rt N66u
All versions

Related CWEs

CWE-345
Insufficient Verification of Data Authenticity
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.

References (12)

Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.