CVE-2011-4501

Loading...

General

Score:10.0/10.0
Severity:High
Category:Configuration Error

Impact Metrics

Confidentiality:Complete
Integrity:Complete
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Published on 22/11/11 - Updated on 24/01/13

Description

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Category: Configuration Error

CWE-16 (Configuration)
Weaknesses in this category are typically introduced during the configuration of the software.

Security Notices

US National Vulnerability DatabaseCVE-2011-4501

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
canyon-techcn-wf512
canyon-techcn-wf512_router_firmware
canyon-techcn-wf514
canyon-techcn-wf514_router_firmware
edimax6114wg
edimax6114wg_router_firmware
edimaxbr-6104k
edimaxbr-6104k_router_firmware
sitecomwl-153
sitecomwl-153_router_firmware
sweexlb000021
sweexlb000021_router_firmware

Share this vulnerability with:

Twitter Facebook LinkedIn Mail