2 results (0.002 seconds)

CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0

The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. La implementación de IGD UPnP de la pila UPnP Broadcom de Cisco Linksys WRT54G con firmware anterior a 4.30.5, de WRT54GS v1 hasta la versión v3 con firmware anterior a 4.71.1 y Wde RT54GS v4 con firmware anterior a 1.06.1 permite a atacantes remotos establecer "mappings" a puertos arbitrarios enviando una acción UPnP AddPortMapping en una petición SOAP a un interfaz WAN. Relacionado con una vulnerabilidad de "direccionamiento externo" ("external forwarding"). • http://www.kb.cert.org/vuls/id/357851 http://www.upnp-hacks.org/devices.html • CWE-16: Configuration •

CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 0

Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. • http://secunia.com/advisories/20161 http://securitytracker.com/id?1016134 http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html http://www.securityview.org/how-does-the-upnp-flaw-works.html http://www.vupen.com/english/advisories/2006/1909 https://exchange.xforce.ibmcloud.com/vulnerabilities/26707 •