CVE-2014-8496

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2014-8496
Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs, which allows remote attackers to gain administrator privileges via a brute force session hijacking attack.

10.0 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
https://www.youtube.com/watch?v=La9nMeVCtt4 Exploit
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:digicom:dg-5514t_adsl_router_firmware:3.2:*:*:*:*:*:*:*
cpe:2.3:h:digicom:dg-5514t_adsl_router:-:*:*:*:*:*:*:*
Information

Published : 2014-12-09 16:59

Updated : 2014-12-10 10:29

NVD link : CVE-2014-8496

Mitre link : CVE-2014-8496

JSON object : View

CWE
CWE-255

Credentials Management Errors

Advertisement

dedicated server usa
Products Affected

digicom

  • dg-5514t_adsl_router_firmware
  • dg-5514t_adsl_router