CVE-2014-6437

CRITICAL

Aztech ADSL - Info Disclosure

Title source: llm

Description

Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Eric Fajardo · cremotehardware

https://www.exploit-db.com/exploits/39314

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory, VDB Entry] http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.html

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/69808

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/533489/100/0/threaded

Scores

CVSS v3 9.8

EPSS 0.2300

EPSS Percentile 95.9%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-200

Status published

Products (3)

aztech/adsl_dsl5018en_\(1t1r\)_firmware

aztech/dsl705e_firmware

aztech/dsl705eu_firmware

Published Jan 12, 2018

Tracked Since Feb 18, 2026