CVE-2014-8868

EntryPass N5200 Active Network Control Panel - Unauthenticated Sensitive Information Exposure via /4 Endpoint

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-8868.

AI-analyzed exploit summary The advisory details an information disclosure vulnerability in EntryPass N5200 Active Network Control Panels, where unauthenticated attackers can retrieve memory contents containing administrative credentials via specific HTTP requests. The vulnerability arises from improper handling of URL paths, allowing access to sensitive data.

Description

EntryPass N5200 Active Network Control Panel does not properly restrict access, which allows remote attackers to obtain the administrator username and password, and possibly other sensitive information, via a request to /4.

Exploits (1)

exploitdb WRITEUP
webappshardware
https://www.exploit-db.com/exploits/35442

The advisory details an information disclosure vulnerability in EntryPass N5200 Active Network Control Panels, where unauthenticated attackers can retrieve memory contents containing administrative credentials via specific HTTP requests. The vulnerability arises from improper handling of URL paths, allowing access to sensitive data.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: EntryPass N5200 Active Network Control Panel
No auth needed
Prerequisites: Network access to the device
devstral-2 · analyzed Feb 19, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/2
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534128/100/0/threaded

Scores

EPSS 0.0699
EPSS Percentile 93.3%

Details

CWE
CWE-264
Status published
Products (1)
entrypass/n5200_active_network_control_panel
Published Dec 07, 2014
Tracked Since Feb 18, 2026