Vulnerability Details CVE-2013-3066
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.3%
CVSS Severity
CVSS v2 Score 7.1
References
- http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf
- http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php
- http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf
- http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php
Products affected by CVE-2013-3066
-
cpe:2.3:h:linksys:ea6500:-
-
cpe:2.3:o:linksys:ea6500_firmware:1.1.28.147876