First published: Mon Apr 21 2014(Updated: )
Advanced_System_Content.asp in the ASUS RT series routers with firmware before 3.0.0.4.374.5517, when an administrator session is active, allows remote authenticated users to obtain the administrator user name and password by reading the source code.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
ASUS RT-AC66U Firmware | =3.0.0.4.140 | |
ASUS RT-AC66U Firmware | =3.0.0.4.220 | |
ASUS RT-AC66U Firmware | =3.0.0.4.246 | |
ASUS RT-AC66U Firmware | =3.0.0.4.260 | |
ASUS RT-AC66U Firmware | =3.0.0.4.270 | |
ASUS RT-AC66U Firmware | =3.0.0.4.354 | |
ASUS RT-AC68R | =3.0.0.4.374.4755 | |
ASUS RT-AC68R | =3.0.0.4.374_4561 | |
ASUS RT-AC68R | =3.0.0.4.374_4887 | |
ASUS RT-N10E Firmware | =2.0.0.7 | |
ASUS RT-N10E Firmware | =2.0.0.10 | |
ASUS RT-N10E Firmware | =2.0.0.16 | |
ASUS RT-N10E Firmware | =2.0.0.19 | |
ASUS RT-N10E Firmware | =2.0.0.20 | |
ASUS RT-N10E Firmware | =2.0.0.24 | |
ASUS RT-N10E Firmware | =2.0.0.25 | |
ASUS RT-N14U firmware | =3.0.0.4.322 | |
ASUS RT-N14U firmware | =3.0.0.4.356 | |
ASUS RT-N16 Firmware | =1.0.1.9 | |
ASUS RT-N16 Firmware | =1.0.2.3 | |
ASUS RT-N16 Firmware | =3.0.0.3.108 | |
ASUS RT-N16 Firmware | =3.0.0.3.162 | |
ASUS RT-N16 Firmware | =3.0.0.3.178 | |
ASUS RT-N16 Firmware | =3.0.0.4.220 | |
ASUS RT-N16 Firmware | =3.0.0.4.246 | |
ASUS RT-N16 Firmware | =3.0.0.4.260 | |
ASUS RT-N16 Firmware | =3.0.0.4.354 | |
ASUS RT-N16 Firmware | =7.0.2.38b | |
ASUS RT-N56U firmware | =1.0.1.4 | |
ASUS RT-N56U firmware | =1.0.1.4o | |
ASUS RT-N56U firmware | =1.0.1.7c | |
ASUS RT-N56U firmware | =1.0.1.7f | |
ASUS RT-N56U firmware | =1.0.1.8j | |
ASUS RT-N56U firmware | =1.0.1.8l | |
ASUS RT-N56U firmware | =1.0.1.8n | |
ASUS RT-N56U firmware | =3.0.0.4.318 | |
ASUS RT-N56U firmware | =3.0.0.4.334 | |
ASUS RT-N56U firmware | =3.0.0.4.342 | |
ASUS RT-N56U firmware | =3.0.0.4.360 | |
ASUS RT-N56U firmware | =7.0.1.21 | |
ASUS RT-N56U firmware | =7.0.1.32 | |
ASUS RT-N56U firmware | =8.1.1.4 | |
ASUS RT-N65U Firmware | =3.0.0.3.134 | |
ASUS RT-N65U Firmware | =3.0.0.3.176 | |
ASUS RT-N65U Firmware | =3.0.0.4.260 | |
ASUS RT-N65U Firmware | =3.0.0.4.334 | |
ASUS RT-N65U Firmware | =3.0.0.4.342 | |
ASUS RT-N65U Firmware | =3.0.0.4.346 | |
ASUS RT-N66U | =3.0.0.4.272 | |
ASUS RT-N66U | =3.0.0.4.370 | |
ASUS 4G-AC68U | ||
ASUS TM-AC1900 | =3.0.0.4.376_3169 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-2719 has a moderate severity due to the potential exposure of sensitive administrative credentials.
To fix CVE-2014-2719, update the firmware of your ASUS RT series router to version 3.0.0.4.374.5517 or later.
CVE-2014-2719 affects various ASUS RT series routers, including RT-AC66U, RT-AC68U, and RT-N16, among others.
The impact of CVE-2014-2719 allows remote authenticated users to view the administrator username and password through the source code.
As a temporary workaround for CVE-2014-2719, limit remote access to your router and ensure that only trusted users are connected.