CVE-2013-3066

Опубликовано: 29 сент. 2014

Источник: nvd

CVSS2: 7.1

EPSS Низкий

Описание

Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.

Ссылки

http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf
Exploit
http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php
Exploit
http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf
Exploit
http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php
Exploit

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876:*:*:*:*:*:*:*

cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00391

Низкий

7.1 High

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-r9q4-hr4j-69gf

github

больше 3 лет назад