Information disclosure in Arris Vap2500_firmware

CVE-2014-8425

The management portal in ARRIS VAP2500 before FW08.41 allows remote attackers to obtain credentials by reading the configuration files.

Vulnerability class: Information Disclosure

EPSS: 0.125 (94.1th percentile) — read the EPSS interpretation.

Affected products

Arris Vap2500_firmware
N/a — versions n/a

Weakness classification (CWE)

CWE-200 — Information Disclosure

References

cve@mitre.org (x_refsource_MISC)