CVE-2014-8244: Infoleak
First published: Sat Nov 01 2014(Updated: )
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.
Credit: cret@cert.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linksys Ea3500 Firmware | <=2.0.14294 | |
| Linksys Ea3500 | ||
| Linksys Ea6700 Firmware | <=1.1.40 | |
| Linksys Ea6700 | ||
| Linksys Ea6500 Firmware | <=1.1.40 | |
| Linksys EA6500 | ||
| Linksys Ea4500 Firmware | <=2.0.14212.1 | |
| Linksys EA4500 | ||
| Linksys Ea6900 Firmware | <=1.1.42 | |
| Linksys Ea6900 | ||
| Linksys Ea2700 Firmware | <=2.0.14294 | |
| Linksys Ea2700 | ||
| Linksys Ea6400 Firmware | <=1.1.40 | |
| Linksys Ea6400 | ||
| Linksys Ea6200 Firmware | <=1.1.41 | |
| Linksys Ea6200 | ||
| Linksys Ea6300 Firmware | <=1.1.40 | |
| Linksys Ea6300 | ||
| Linksys E4200v2 Firmware | <=2.0.14212.1 | |
| Linksys E4200v2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2014-8244?
CVE-2014-8244 is rated as having a medium severity level due to the potential for remote code execution.
How do I fix CVE-2014-8244?
To fix CVE-2014-8244, update the affected Linksys router firmware to the latest version provided by the manufacturer.
What devices are affected by CVE-2014-8244?
CVE-2014-8244 affects various Linksys E-series models including EA2700, EA3500, E4200v2, EA4500, EA6200, EA6300, EA6400, EA6500, EA6700, and EA6900.
What are the potential impacts of CVE-2014-8244?
The potential impacts of CVE-2014-8244 include unauthorized access to the device, data leakage, and remote code execution.
When was CVE-2014-8244 published?
CVE-2014-8244 was published on November 25, 2014.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/remedy
- agent/weakness
- agent/references
- agent/last-modified-date
- agent/author
- agent/first-publish-date
- agent/description
- agent/tags
- agent/event
- agent/source
- vendor/linksys
- canonical/linksys ea3500 firmware
- version/linksys ea3500 firmware/2.0.14294
- canonical/linksys ea3500
- canonical/linksys ea6700 firmware
- version/linksys ea6700 firmware/1.1.40
- canonical/linksys ea6700
- canonical/linksys ea6500 firmware
- version/linksys ea6500 firmware/1.1.40
- canonical/linksys ea6500
- canonical/linksys ea4500 firmware
- version/linksys ea4500 firmware/2.0.14212.1
- canonical/linksys ea4500
- canonical/linksys ea6900 firmware
- version/linksys ea6900 firmware/1.1.42
- canonical/linksys ea6900
- canonical/linksys ea2700 firmware
- version/linksys ea2700 firmware/2.0.14294
- canonical/linksys ea2700
- canonical/linksys ea6400 firmware
- version/linksys ea6400 firmware/1.1.40
- canonical/linksys ea6400
- canonical/linksys ea6200 firmware
- version/linksys ea6200 firmware/1.1.41
- canonical/linksys ea6200
- canonical/linksys ea6300 firmware
- version/linksys ea6300 firmware/1.1.40
- canonical/linksys ea6300
- canonical/linksys e4200v2 firmware
- version/linksys e4200v2 firmware/2.0.14212.1
- canonical/linksys e4200v2