Vulnerabilities > Linksys > Ea4500 Firmware

DATE CVE VULNERABILITY TITLE RISK
2017-08-06 CVE-2017-10677 Cross-Site Request Forgery (CSRF) vulnerability in Linksys Ea4500 Firmware 2.0.36
Cross-Site Request Forgery (CSRF) exists on Linksys EA4500 devices with Firmware Version before 2.1.41.164606, as demonstrated by a request to apply.cgi to disable SIP.
network
linksys CWE-352
6.8
2014-11-01 CVE-2014-8244 Information Exposure vulnerability in Linksys products
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain sensitive information or modify data via a JNAP action in a JNAP/ HTTP request.
network
low complexity
linksys CWE-200
7.5
2014-11-01 CVE-2014-8243 Cryptographic Issues vulnerability in Linksys products
Linksys SMART WiFi firmware on EA2700 and EA3500 devices; before 2.1.41 build 162351 on E4200v2 and EA4500 devices; before 1.1.41 build 162599 on EA6200 devices; before 1.1.40 build 160989 on EA6300, EA6400, EA6500, and EA6700 devices; and before 1.1.42 build 161129 on EA6900 devices allows remote attackers to obtain the administrator's MD5 password hash via a direct request for the /.htpasswd URI.
low complexity
linksys CWE-310
3.3