{"id": "CVE-2014-8243", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.3, "accessVector": "ADJACENT_NETWORK", "vectorString": "AV:A/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 6.5, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-11-01T10:55:02.790", "references": [{"url": "http://www.kb.cert.org/vuls/id/447516", "tags": ["Exploit", "Patch", "Third Party Advisory", "US Government Resource"], "source": "cret@cert.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-310"}]}], "descriptions": [{"lang": "en", "value": "Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI."}, {"lang": "es", "value": "Linksys SMART WiFi firmware en los dispositivos EA2700 y EA3500; anterior a 2.1.41 build 162351 en los dispositivos E4200v2 y EA4500; anterior a 1.1.41 build 162599 en los dispositivos EA6200; anterior a 1.1.40 build 160989 en los dispositivos EA6300, EA6400, EA6500, y EA6700 devices; y anterior a 1.1.42 build 161129 en los dispositivos EA6900 permite a atacantes remotos obtener el hash de la contrase\u00f1a MD5 del administrador a trav\u00e9s de una solicitud directa para la URI /.htpasswd."}], "lastModified": "2014-11-04T02:38:06.157", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1F1A4B40-0652-4235-A142-B239021D8BB4", "versionEndIncluding": "2.0.14212.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "19F4E6A9-A5EC-4B0A-8328-DC05AB5AFB88"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "373B9DE7-4B12-46EB-AADE-991C624AF2C2", "versionEndIncluding": "1.1.40"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6EADC8D1-E9D1-4DBA-A5B9-E58FE3770353"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92806FDB-FF8F-48AB-B2CB-C182636287A8", "versionEndIncluding": "1.1.40"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4EBE448A-0934-460A-8273-BED87A372401"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9AC4B949-183A-4581-BE90-CE831C495268", "versionEndIncluding": "2.0.14212.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C9600AA5-1C29-4C14-8072-94A701AF11B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9617D6A5-633E-44D3-B471-0AE54F3B0829", "versionEndIncluding": "1.1.40"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3FD05641-3B22-402F-A019-586FEF08AAE7"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "699BC2F3-5C61-4A2C-960D-577D73D7A3CD", "versionEndIncluding": "1.1.42"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1523B074-97B4-4744-9D49-4A6447377B51"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D01D5B2C-EF7E-4B5F-BA85-D48C1A2F1128", "versionEndIncluding": "2.0.14294"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5478779B-2AA9-443E-A59E-4F5318138977"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3408C1A9-6620-48F3-8F9F-6AB8160100D4", "versionEndIncluding": "2.0.14294"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea3500:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A7900CB-84CC-476B-B0B6-490625F40D4C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6200_firmware:*:153743:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56CE26A9-BB16-4C7F-BC9A-A2AA57DABE1E", "versionEndIncluding": "1.1.41"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6200:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FC731379-8F48-4181-ABBC-23B230E6851F"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:ea6700_firmware:*:153731:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5538CA50-CF31-4C2A-B817-97BA98D4CCF2", "versionEndIncluding": "1.1.40"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:ea6700:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2308E051-EAD1-4558-84F3-C4B665CB3088"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cret@cert.org"}