CVE-2014-8243
Severity CVSS v4.0:
Pending analysis
Type:
CWE-310
Cryptographic Issues
Publication date:
01/11/2014
Last modified:
12/04/2025
Description
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.
Impact
Base Score 2.0
3.30
Severity 2.0
LOW
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:* | 2.0.14212.1 (including) | |
cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:* | 1.1.40 (including) | |
cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:* | 1.1.40 (including) | |
cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:linksys:e4200v2_firmware:*:*:*:*:*:*:*:* | 2.0.14212.1 (including) | |
cpe:2.3:h:linksys:e4200v2:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:linksys:ea6300_firmware:*:153731:*:*:*:*:*:* | 1.1.40 (including) | |
cpe:2.3:h:linksys:ea6300:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:* | 1.1.42 (including) | |
cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:* | 2.0.14294 (including) | |
cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:* | ||
cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:* | 2.0.14294 (including) |
To consult the complete list of CPE names with products and versions, see this page