CVSS: 10.0EPSS: 2%CPEs: 14EXPL: 0CVE-2011-4502
https://notcve.org/view.php?id=CVE-2011-4502
22 Nov 2011 — The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters. La implementación de UPnP IGD en Edimax EdiLinux en el Edimax BR-6104K con firmware anterior a v3.25 Edimax 6114Wg, Canyon-Tech CN-WF512 con firmware anterior... • http://www.kb.cert.org/vuls/id/357851 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 1%CPEs: 14EXPL: 0CVE-2011-4501
https://notcve.org/view.php?id=CVE-2011-4501
22 Nov 2011 — The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. La implementación de UPnP IGD en Edimax EdiLin... • http://www.kb.cert.org/vuls/id/357851 • CWE-16: Configuration •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2006-2560
https://notcve.org/view.php?id=CVE-2006-2560
24 May 2006 — Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. • http://secunia.com/advisories/20183 • CWE-264: Permissions, Privileges, and Access Controls •