Description
Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access, which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.
References (2)
Core 2
Core References
Exploit x_refsource_misc
http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf
Exploit x_refsource_misc
http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php
Scores
EPSS
0.0024
EPSS Percentile
47.6%
Details
CWE
CWE-264
Status
published
Products (2)
linksys/ea6500
linksys/ea6500_firmware
1.1.28.147876
Published
Sep 29, 2014
Tracked Since
Feb 18, 2026