CVE-2014-2719

Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.

Published: Apr 22, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-2719
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 6.3
AV:N/AC:M/Au:S/C:C/I:N/A:N

CWEs:

CWE-200

Affected Software
References

Software	From	Fixed in
asus / rt-ac66u_firmware	3.0.0.4.140	3.0.0.4.140.x
asus / rt-ac66u_firmware	3.0.0.4.220	3.0.0.4.220.x
asus / rt-ac66u_firmware	3.0.0.4.246	3.0.0.4.246.x
asus / rt-ac66u_firmware	3.0.0.4.260	3.0.0.4.260.x
asus / rt-ac66u_firmware	3.0.0.4.270	3.0.0.4.270.x
asus / rt-ac66u_firmware	3.0.0.4.354	3.0.0.4.354.x
asus / rt-ac68u_firmware	3.0.0.4.374.4755	3.0.0.4.374.4755.x
asus / rt-ac68u_firmware	3.0.0.4.374_4561	3.0.0.4.374_4561.x
asus / rt-ac68u_firmware	3.0.0.4.374_4887	3.0.0.4.374_4887.x
asus / rt-n10e_firmware	2.0.0.7	2.0.0.7.x
asus / rt-n10e_firmware	2.0.0.10	2.0.0.10.x
asus / rt-n10e_firmware	2.0.0.16	2.0.0.16.x
asus / rt-n10e_firmware	2.0.0.19	2.0.0.19.x
asus / rt-n10e_firmware	2.0.0.20	2.0.0.20.x
asus / rt-n10e_firmware	2.0.0.24	2.0.0.24.x
asus / rt-n10e_firmware	2.0.0.25	2.0.0.25.x
asus / rt-n14u_firmware	3.0.0.4.322	3.0.0.4.322.x
asus / rt-n14u_firmware	3.0.0.4.356	3.0.0.4.356.x
asus / rt-n16_firmware	1.0.1.9	1.0.1.9.x
asus / rt-n16_firmware	1.0.2.3	1.0.2.3.x
asus / rt-n16_firmware	3.0.0.3.108	3.0.0.3.108.x
asus / rt-n16_firmware	3.0.0.3.162	3.0.0.3.162.x
asus / rt-n16_firmware	3.0.0.3.178	3.0.0.3.178.x
asus / rt-n16_firmware	3.0.0.4.220	3.0.0.4.220.x
asus / rt-n16_firmware	3.0.0.4.246	3.0.0.4.246.x
asus / rt-n16_firmware	3.0.0.4.260	3.0.0.4.260.x
asus / rt-n16_firmware	3.0.0.4.354	3.0.0.4.354.x
asus / rt-n16_firmware	7.0.2.38b	7.0.2.38b.x
asus / rt-n56u_firmware	1.0.1.4	1.0.1.4.x
asus / rt-n56u_firmware	1.0.1.4o	1.0.1.4o.x
asus / rt-n56u_firmware	1.0.1.7c	1.0.1.7c.x
asus / rt-n56u_firmware	1.0.1.7f	1.0.1.7f.x
asus / rt-n56u_firmware	1.0.1.8j	1.0.1.8j.x
asus / rt-n56u_firmware	1.0.1.8l	1.0.1.8l.x
asus / rt-n56u_firmware	1.0.1.8n	1.0.1.8n.x
asus / rt-n56u_firmware	3.0.0.4.318	3.0.0.4.318.x
asus / rt-n56u_firmware	3.0.0.4.334	3.0.0.4.334.x
asus / rt-n56u_firmware	3.0.0.4.342	3.0.0.4.342.x
asus / rt-n56u_firmware	3.0.0.4.360	3.0.0.4.360.x
asus / rt-n56u_firmware	7.0.1.21	7.0.1.21.x
asus / rt-n56u_firmware	7.0.1.32	7.0.1.32.x
asus / rt-n56u_firmware	8.1.1.4	8.1.1.4.x
asus / rt-n65u_firmware	3.0.0.3.134	3.0.0.3.134.x
asus / rt-n65u_firmware	3.0.0.3.176	3.0.0.3.176.x
asus / rt-n65u_firmware	3.0.0.4.260	3.0.0.4.260.x
asus / rt-n65u_firmware	3.0.0.4.334	3.0.0.4.334.x
asus / rt-n65u_firmware	3.0.0.4.342	3.0.0.4.342.x
asus / rt-n65u_firmware	3.0.0.4.346	3.0.0.4.346.x
asus / rt-n66u_firmware	3.0.0.4.272	3.0.0.4.272.x
asus / rt-n66u_firmware	3.0.0.4.370	3.0.0.4.370.x
t-mobile / tm-ac1900	3.0.0.4.376_3169	3.0.0.4.376_3169.x

Vulnerability Database

289,697

CVE-2014-2719