CVE-2014-8243

Published: Nov 1, 2014Modified: May 6, 2026

3.3

Vector

AV:A/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 6.5 / Impact: 2.9

Source: NVD

Description

Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.

Affected (20)

Products: Linksys: Ea4500 Firmware, Ea4500, Ea6500 Firmware, Ea6500, Ea6400 Firmware, Ea6400, E4200v2 Firmware, E4200v2, Ea6300 Firmware, Ea6300, Ea6900 Firmware, Ea6900, Ea2700 Firmware, Ea2700, Ea3500 Firmware, Ea3500, Ea6200 Firmware, Ea6200, Ea6700 Firmware, Ea6700

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea4500 Firmware	Up to 2.0.14212.1
Linksys Ea4500	All versions

Configuration B

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea6500 Firmware	Up to 1.1.40
Linksys Ea6500	All versions

Configuration C

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea6400 Firmware	Up to 1.1.40
Linksys Ea6400	All versions

Configuration D

2 vulnerable

Vulnerable Software	Affected Versions
Linksys E4200v2 Firmware	Up to 2.0.14212.1
Linksys E4200v2	All versions

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea6300 Firmware	Up to 1.1.40
Linksys Ea6300	All versions

Configuration F

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea6900 Firmware	Up to 1.1.42
Linksys Ea6900	All versions

Configuration G

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea2700 Firmware	Up to 2.0.14294
Linksys Ea2700	All versions

Configuration H

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea3500 Firmware	Up to 2.0.14294
Linksys Ea3500	All versions

Configuration I

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea6200 Firmware	Up to 1.1.41
Linksys Ea6200	All versions

Configuration J

2 vulnerable

Vulnerable Software	Affected Versions
Linksys Ea6700 Firmware	Up to 1.1.40
Linksys Ea6700	All versions

Related CWEs

CWE-310

References (2)

http://www.kb.cert.org/vuls/id/447516

Source: cret@cert.org

ExploitPatchThird Party AdvisoryUS Government Resource

http://www.kb.cert.org/vuls/id/447516

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitPatchThird Party AdvisoryUS Government Resource

Timeline

No history available yet.