Vulnerability Details CVE-2014-8243
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.5%
CVSS Severity
CVSS v2 Score 3.3
Products affected by CVE-2014-8243
-
cpe:2.3:h:linksys:e4200v2:-
-
cpe:2.3:h:linksys:ea2700:-
-
cpe:2.3:h:linksys:ea3500:-
-
cpe:2.3:h:linksys:ea4500:-
-
cpe:2.3:h:linksys:ea6200:-
-
cpe:2.3:h:linksys:ea6300:-
-
cpe:2.3:h:linksys:ea6400:-
-
cpe:2.3:h:linksys:ea6500:-
-
cpe:2.3:h:linksys:ea6700:-
-
cpe:2.3:h:linksys:ea6900:-
-
cpe:2.3:o:linksys:e4200v2_firmware:*
-
cpe:2.3:o:linksys:ea2700_firmware:*
-
cpe:2.3:o:linksys:ea3500_firmware:*
-
cpe:2.3:o:linksys:ea4500_firmware:2.0.36
-
cpe:2.3:o:linksys:ea6200_firmware:*
-
cpe:2.3:o:linksys:ea6300_firmware:*
-
cpe:2.3:o:linksys:ea6400_firmware:*
-
cpe:2.3:o:linksys:ea6500_firmware:*
-
cpe:2.3:o:linksys:ea6700_firmware:*
-
cpe:2.3:o:linksys:ea6900_firmware:*