CVE-2014-8244
Severity CVSS v4.0:
Pending analysis
Type:
CWE-200
Information Leak / Disclosure
Publication date:
01/11/2014
Last modified:
12/04/2025
Description
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linksys:ea3500_firmware:*:*:*:*:*:*:*:* | 2.0.14294 (including) | |
| cpe:2.3:h:linksys:ea3500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linksys:ea6700_firmware:*:153731:*:*:*:*:*:* | 1.1.40 (including) | |
| cpe:2.3:h:linksys:ea6700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linksys:ea6500_firmware:*:153731:*:*:*:*:*:* | 1.1.40 (including) | |
| cpe:2.3:h:linksys:ea6500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linksys:ea4500_firmware:*:*:*:*:*:*:*:* | 2.0.14212.1 (including) | |
| cpe:2.3:h:linksys:ea4500:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linksys:ea6900_firmware:*:158863:*:*:*:*:*:* | 1.1.42 (including) | |
| cpe:2.3:h:linksys:ea6900:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linksys:ea2700_firmware:*:*:*:*:*:*:*:* | 2.0.14294 (including) | |
| cpe:2.3:h:linksys:ea2700:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linksys:ea6400_firmware:*:153731:*:*:*:*:*:* | 1.1.40 (including) | |
| cpe:2.3:h:linksys:ea6400:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:linksys:ea6200_firmware:*:153743:*:*:*:*:*:* | 1.1.41 (including) |
To consult the complete list of CPE names with products and versions, see this page