CVE-2011-4502
https://notcve.org/view.php?id=CVE-2011-4502
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters. La implementación de UPnP IGD en Edimax EdiLinux en el Edimax BR-6104K con firmware anterior a v3.25 Edimax 6114Wg, Canyon-Tech CN-WF512 con firmware anterior a v1.83, Canyon-Tech CN-WF514 con firmware anterior a v2.08, Sitecom WL-153 con firmware anterior a v1.39, y Sweex LB000021 con firmware anterior a v3.15, permite a atacantes remotos ejecutar comandos de su elección a través de metacaracteres shell. • http://www.kb.cert.org/vuls/id/357851 http://www.upnp-hacks.org/devices.html http://www.upnp-hacks.org/suspect.html • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2011-4501
https://notcve.org/view.php?id=CVE-2011-4501
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. La implementación de UPnP IGD en Edimax EdiLinux en el Edimax BR-6104K con firmware anterior a v3.25 Edimax 6114Wg, Canyon-Tech CN-WF512 con firmware anterior a v1.83, Canyon-Tech CN-WF514 con firmware anterior a v2.08, Sitecom WL-153 con firmware anterior a v1.39, y Sweex LB000021 con firmware anterior a v3.15, permite a atacantes remotos establecer mapeos de puertos de su elección enviando una acción UPnP AddPortMapping en una petición SOAP al interfaz WAN, relacionado con una vulnerabilidad "external forwarding". • http://www.kb.cert.org/vuls/id/357851 http://www.upnp-hacks.org/devices.html http://www.upnp-hacks.org/suspect.html • CWE-16: Configuration •
CVE-2008-5041
https://notcve.org/view.php?id=CVE-2008-5041
Sweex RO002 Router with firmware Ts03-072 has "rdc123" as its default password for the "rdc123" account, which makes it easier for remote attackers to obtain access. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Router Sweex RO002 con firmware Ts03-072 tiene "rdc123" como su contraseña por defecto para la cuenta "rdc123", lo cual hace más sencillo a atacantes remotos obtener acceso. NOTA: la procedencia de esta información es desconocida; los detalles han sido obtenidos a partir de la información de terceros. • http://osvdb.org/49865 http://secunia.com/advisories/32623 http://www.securityfocus.com/bid/32249 https://exchange.xforce.ibmcloud.com/vulnerabilities/46517 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2004-2455
https://notcve.org/view.php?id=CVE-2004-2455
Sweex Wireless Broadband Router/Accesspoint 802.11g (LC000060) allows remote attackers to obtain sensitive information and gain privileges by using TFTP to download the nvram file, then extracting the username, password, and other data from the file. • http://archives.neohapsis.com/archives/fulldisclosure/2004-05/0574.html http://secunia.com/advisories/11603 http://www.osvdb.org/6109 http://www.securityfocus.com/bid/10339 http://www.securitytracker.com/alerts/2004/May/1010143.html https://exchange.xforce.ibmcloud.com/vulnerabilities/16140 •