CVE-2014-8425

ARRIS VAP2500 Firmware < 08.41 - Unauthenticated Exposure of Sensitive Information via Configuration Files

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8425. PoCs published by HeadlessZeke.

AI-analyzed exploit summary This exploit targets a vulnerability in VAP2500 devices, allowing an attacker to retrieve user accounts, check for root privileges, modify the root password, and enable telnet access. It leverages improper authentication and command injection via a vulnerable endpoint.

Description

The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.

Exploits (1)

exploitdb WORKING POC

by HeadlessZeke · rubywebappshardware

https://www.exploit-db.com/exploits/35372

View Code ZIP pw:eip

This exploit targets a vulnerability in VAP2500 devices, allowing an attacker to retrieve user accounts, check for root privileges, modify the root password, and enable telnet access. It leverages improper authentication and command injection via a vulnerable endpoint.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: VAP2500 (firmware version unknown, likely older versions)

No auth needed

Prerequisites: Network access to the VAP2500 device · Vulnerable endpoint exposed (/admin.conf, /tools_command.php)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1068 - Exploitation for Privilege Escalation T1078 - Valid Accounts

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Third Party Advisory x_refsource_misc

http://www.zerodayinitiative.com/advisories/ZDI-14-387/

Scores

EPSS 0.0314

EPSS Percentile 86.2%

Details

CWE

CWE-200

Status published

Products (1)

arris/vap2500_firmware < 08.41

Published Nov 28, 2014

Tracked Since Feb 18, 2026