{ "id": "CVE-2014-2719", "sourceIdentifier": "cve@mitre.org", "published": "2014-04-22T13:06:29.493", "lastModified": "2016-06-30T15:59:45.817", "vulnStatus": "Analyzed", "descriptions": [ { "lang": "en", "value": "Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code." }, { "lang": "es", "value": "Advanced_System_Content.asp en routers de la serie ASUS RT con firmware anterior a 3.0.0.4.374.5517, cuando una sesi\u00f3n de administrador est\u00e1 activa, permite a usuarios remotos autenticados obtener el nombre de usuario y contrase\u00f1a del administrador mediante la lectura del c\u00f3digo fuente." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:M/Au:S/C:C/I:N/A:N", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "SINGLE", "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 6.3 }, "baseSeverity": "MEDIUM", "exploitabilityScore": 6.8, "impactScore": 6.9, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "CWE-200" } ] } ], "configurations": [ { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.140:*:*:*:*:*:*:*", "matchCriteriaId": "A946A449-7623-48FE-878A-E17DA2F41A11" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.220:*:*:*:*:*:*:*", "matchCriteriaId": "A023852A-84B7-4937-886D-8893CD778DDF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.246:*:*:*:*:*:*:*", "matchCriteriaId": "FDB8B4AB-0EF4-4963-AE20-F4F1C3ABFC26" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.260:*:*:*:*:*:*:*", "matchCriteriaId": "553DE051-C59F-4B16-A733-C2055B14DB1E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.270:*:*:*:*:*:*:*", "matchCriteriaId": "37AE944A-EF53-4F57-8A86-7DE209F00D17" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac66u_firmware:3.0.0.4.354:*:*:*:*:*:*:*", "matchCriteriaId": "7AE0E4E9-B08F-4DB3-A5D5-DBCDA81E4200" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374.4755:*:*:*:*:*:*:*", "matchCriteriaId": "536FCD9A-4DBA-465D-8FE8-9E9D815BAB81" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4561:*:*:*:*:*:*:*", "matchCriteriaId": "6E3E3F39-1F5A-4AE5-A379-3344BFC1E00D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-ac68u_firmware:3.0.0.4.374_4887:*:*:*:*:*:*:*", "matchCriteriaId": "753D3C81-F078-47B9-8D0B-822EBE9443AE" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "AEB012B3-5C57-4310-8F1A-208D2E470A6C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.10:*:*:*:*:*:*:*", "matchCriteriaId": "8F1D15BC-D83F-4949-863B-817FA2A0A23D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.16:*:*:*:*:*:*:*", "matchCriteriaId": "0ACDCE11-5422-4AB1-AC89-3C3DF05FDE1C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.19:*:*:*:*:*:*:*", "matchCriteriaId": "3C7607C5-EF0C-40FA-BADA-2316BA4A5E41" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.20:*:*:*:*:*:*:*", "matchCriteriaId": "340D98A2-2018-4A24-B654-3A7032FCE518" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.24:*:*:*:*:*:*:*", "matchCriteriaId": "94999CA4-A60A-4F1E-8933-2CB1CA9D83A0" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n10e_firmware:2.0.0.25:*:*:*:*:*:*:*", "matchCriteriaId": "132C4DDD-5914-47E0-BDBA-E918E7F0E747" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.322:*:*:*:*:*:*:*", "matchCriteriaId": "C7A0A4C1-226A-42D5-A728-CBB7D2B02A50" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n14u_firmware:3.0.0.4.356:*:*:*:*:*:*:*", "matchCriteriaId": "3A04943B-0627-4B6D-A01A-3722F7025723" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:1.0.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "C76611FB-9811-48E5-8F16-824A15CFC226" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:1.0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "6887911A-9CD0-419C-AE2E-932F8AD179DB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.108:*:*:*:*:*:*:*", "matchCriteriaId": "65D943A4-CD5D-4381-8C4F-FF4FC600F226" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.162:*:*:*:*:*:*:*", "matchCriteriaId": "5AA3CD4B-B518-459B-AFF5-CCFF47D3BAEA" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.3.178:*:*:*:*:*:*:*", "matchCriteriaId": "939D788D-BFF7-4DEB-8C47-751532E4AC36" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.220:*:*:*:*:*:*:*", "matchCriteriaId": "DF6BBB0E-D69B-4854-8A5C-D6C20ABB857E" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.246:*:*:*:*:*:*:*", "matchCriteriaId": "8C1CCB22-3D8D-4618-819B-2EA14C42A4C4" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.260:*:*:*:*:*:*:*", "matchCriteriaId": "715FFC31-33A1-469E-BF65-4749F6643EEF" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:3.0.0.4.354:*:*:*:*:*:*:*", "matchCriteriaId": "C1A3AFBC-A89F-4037-B863-55F7791A3635" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n16_firmware:7.0.2.38b:*:*:*:*:*:*:*", "matchCriteriaId": "2E0EAF76-C2F8-4AD5-BF3D-0922DEED7B46" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "6D8E3CB7-1ADA-428C-881F-BB266991F39D" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.4o:*:*:*:*:*:*:*", "matchCriteriaId": "699F6C57-F1AE-4AF5-BF56-529D41C91068" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7c:*:*:*:*:*:*:*", "matchCriteriaId": "F17E0B8C-7BA1-4FC5-84EC-4FFC87A9AC12" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.7f:*:*:*:*:*:*:*", "matchCriteriaId": "69C68ABB-391D-45D8-9250-D93F8BFE305C" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8j:*:*:*:*:*:*:*", "matchCriteriaId": "D1FDDF9C-4C30-4AAC-9449-7404181071B9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8l:*:*:*:*:*:*:*", "matchCriteriaId": "2DE8F24A-837B-4198-B8F6-E42386D2F524" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:1.0.1.8n:*:*:*:*:*:*:*", "matchCriteriaId": "14A9D580-ACD6-4F2F-9322-E6B4C72C8BE9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.318:*:*:*:*:*:*:*", "matchCriteriaId": "E2660735-2247-42D9-9BAA-D785D18E6F51" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.334:*:*:*:*:*:*:*", "matchCriteriaId": "401BB537-95FB-4BFB-BC40-CD73817D7E9A" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.342:*:*:*:*:*:*:*", "matchCriteriaId": "04A7CA72-DFAD-4E9A-BB3E-EAE9973C19C7" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:3.0.0.4.360:*:*:*:*:*:*:*", "matchCriteriaId": "C3C65A6B-4F24-4DFE-B478-49BEE4A5FC65" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.21:*:*:*:*:*:*:*", "matchCriteriaId": "64BCA764-5BAD-4CAB-B39F-A1D67E44EDA9" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:7.0.1.32:*:*:*:*:*:*:*", "matchCriteriaId": "8CF40558-B7F8-4A2B-9819-EE3DD2C183AD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n56u_firmware:8.1.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "F70D82C1-764C-4DF0-B296-964602D0EC54" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.134:*:*:*:*:*:*:*", "matchCriteriaId": "02E9974C-F3E1-4145-865F-974982804823" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.3.176:*:*:*:*:*:*:*", "matchCriteriaId": "B3979CD4-DFBC-460C-8E92-879F7C355D52" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.260:*:*:*:*:*:*:*", "matchCriteriaId": "1EA3F63E-F4FA-4066-AEA0-B1149E4B1190" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.334:*:*:*:*:*:*:*", "matchCriteriaId": "1E9A77E0-1CC3-4E07-B99A-8DC750C982F8" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.342:*:*:*:*:*:*:*", "matchCriteriaId": "642056A2-9B4E-465C-8333-392C70D658AD" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n65u_firmware:3.0.0.4.346:*:*:*:*:*:*:*", "matchCriteriaId": "8E68C357-45E5-4086-9697-A9DD75E22063" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.272:*:*:*:*:*:*:*", "matchCriteriaId": "82C3DA99-69D6-4C2D-B485-7785EEDA38F5" }, { "vulnerable": true, "criteria": "cpe:2.3:o:asus:rt-n66u_firmware:3.0.0.4.370:*:*:*:*:*:*:*", "matchCriteriaId": "16CE2D06-AFAB-4284-9C63-A088F4ACEBAB" } ] }, { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:h:asus:rt-ac68u:-:*:*:*:*:*:*:*", "matchCriteriaId": "1E23D00B-76E3-438C-8023-3D7CC6AEEE15" } ] } ] }, { "operator": "AND", "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:o:t-mobile:tm-ac1900:3.0.0.4.376_3169:*:*:*:*:*:*:*", "matchCriteriaId": "919D9673-1FCA-431D-9F30-643AAEFAC1DA" } ] } ] } ], "references": [ { "url": "http://dnlongen.blogspot.com/2014/04/CVE-2014-2719-Asus-RT-Password-Disclosure.html", "source": "cve@mitre.org" }, { "url": "http://seclists.org/fulldisclosure/2014/Apr/225", "source": "cve@mitre.org" }, { "url": "http://support.asus.com/download.aspx?m=RT-N66U+%28VER.B1%29", "source": "cve@mitre.org" }, { "url": "https://support.t-mobile.com/docs/DOC-21994", "source": "cve@mitre.org" } ] }