CVE-2014-6437
UnknownEPSS 15.50%
Last modified
CVE-2014-6437 is a vulnerability of currently unknown severity. Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file.. EPSS estimates a 15.50% chance of exploitation in the next 30 days.
Description
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Aztech | Adsl Dsl5018en \(1t1r\) Firmware | All versions |
| Aztech | Dsl705e Firmware | All versions |
| Aztech | Dsl705eu Firmware | All versions |
References
- http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.htmlExploit, Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/69808Third Party Advisory, VDB Entry
- http://packetstormsecurity.com/files/128254/Aztech-DSL5018EN-DSL705E-DSL705EU-DoS-Broken-Session-Management.htmlExploit, Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/69808Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2014-6437?
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file.
How severe is CVE-2014-6437?
Severity scoring for CVE-2014-6437 is pending analysis. The EPSS model estimates a 15.50% probability of exploitation in the next 30 days.
How do I fix CVE-2014-6437?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2014-6437?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST