CVE-2013-3066 Information

Description

Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict access which allows remote attackers to obtain sensitive information (clients and router configuration) via a request to /JNAP/.

Reference

http://securityevaluators.com/knowledge/case_studies/routers/linksys_ea6500.php http://securityevaluators.com/knowledge/case_studies/routers/Vulnerability_Catalog.pdf