CVE-2014-8496 : Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs

Digicom DG-5514T ADSL router with firmware 3.2 generates predictable session IDs, which allows remote attackers to gain administrator privileges via a brute force session hijacking attack.

Published 2014-12-10 00:59:00

Updated 2025-04-12 10:46:41

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2014-8496

Digicom » Dg-5514t Adsl Router Firmware » Version: 3.2
cpe:2.3:o:digicom:dg-5514t_adsl_router_firmware:3.2:*:*:*:*:*:*:*
Matching versions
When used together with: Digicom » Dg-5514t Adsl Router » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2014-8496

EPSS FAQ

1.79%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 81 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2014-8496

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2014-8496

CWE-255

Assigned by: nvd@nist.gov (Primary)

References for CVE-2014-8496

https://www.youtube.com/watch?v=La9nMeVCtt4

Session Hijacking Vulnerability in Digicom Router #Digicom Hack - YouTube
Exploit

Jump to

Vulnerability Details : CVE-2014-8496

Products affected by CVE-2014-8496

Exploit prediction scoring system (EPSS) score for CVE-2014-8496

CVSS scores for CVE-2014-8496

CWE ids for CVE-2014-8496

References for CVE-2014-8496