CVE-2014-8244

EXPLOITED

Linksys Ea3500 Firmware < 2.0.14294 - Information Disclosure

Title source: rule

Description

Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.

Exploits (1)

nomisec SCANNER 6 stars

by JollyJumbuckk · poc

https://github.com/JollyJumbuckk/LinksysLeaks

View Code ZIP pw:eip

References (1)

[Exploit, Patch, Third Party Advisory, US Government Resource] http://www.kb.cert.org/vuls/id/447516

Scores

EPSS 0.0916

EPSS Percentile 92.7%

Details

VulnCheck KEV 2021-04-12

CWE

CWE-200

Status published

Products (20)

linksys/e4200v2

linksys/e4200v2_firmware < 2.0.14212.1

linksys/ea2700

linksys/ea2700_firmware < 2.0.14294

linksys/ea3500

linksys/ea3500_firmware < 2.0.14294

linksys/ea4500

linksys/ea4500_firmware < 2.0.14212.1

linksys/ea6200

linksys/ea6200_firmware < 1.1.41

... and 10 more

Published Nov 01, 2014

Tracked Since Feb 18, 2026