CVE-2014-9303

EntryPass N5200 Active Network Control Panel - Unauthenticated Exposure of Sensitive Information via URL Character Range

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2014-9303. PoCs published by RedTeam Pentesting.

AI-analyzed exploit summary This advisory details an information disclosure vulnerability in EntryPass N5200 Active Network Control Panels, where unauthenticated attackers can retrieve memory contents containing administrative credentials via specific URL requests. The vulnerability arises from improper handling of URL paths, allowing access to sensitive data.

Description

EntryPass N5200 Active Network Control Panel allows remote attackers to read device memory and obtain the administrator username and password via a URL starting with an ASCII character o through z or A through D, different vectors than CVE-2014-8868.

Exploits (1)

exploitdb WRITEUP
by RedTeam Pentesting · textwebappshardware
https://www.exploit-db.com/exploits/35442

This advisory details an information disclosure vulnerability in EntryPass N5200 Active Network Control Panels, where unauthenticated attackers can retrieve memory contents containing administrative credentials via specific URL requests. The vulnerability arises from improper handling of URL paths, allowing access to sensitive data.

Classification
Writeup 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: EntryPass N5200 Active Network Control Panel
No auth needed
Prerequisites: Network access to the device
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit mailing-list x_refsource_fulldisc
http://seclists.org/fulldisclosure/2014/Dec/2
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/534128/100/0/threaded

Scores

EPSS 0.0331
EPSS Percentile 87.0%

Details

CWE
CWE-200
Status published
Products (1)
entrypass/n5200_active_network_control_panel
Published Dec 07, 2014
Tracked Since Feb 18, 2026