CVE-2011-4501
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
La implementación de UPnP IGD en Edimax EdiLinux en el Edimax BR-6104K con firmware anterior a v3.25 Edimax 6114Wg, Canyon-Tech CN-WF512 con firmware anterior a v1.83, Canyon-Tech CN-WF514 con firmware anterior a v2.08, Sitecom WL-153 con firmware anterior a v1.39, y Sweex LB000021 con firmware anterior a v3.15, permite a atacantes remotos establecer mapeos de puertos de su elección enviando una acción UPnP AddPortMapping en una petición SOAP al interfaz WAN, relacionado con una vulnerabilidad "external forwarding".
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-11-22 CVE Reserved
- 2011-11-22 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-16: Configuration
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/357851 | Third Party Advisory |
|
| http://www.upnp-hacks.org/devices.html | X_refsource_misc | |
| http://www.upnp-hacks.org/suspect.html | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Edimax Search vendor "Edimax" | Br-6104k Router Firmware Search vendor "Edimax" for product "Br-6104k Router Firmware" | 3.21 Search vendor "Edimax" for product "Br-6104k Router Firmware" and version "3.21" | - |
Affected
| in | Edimax Search vendor "Edimax" | Br-6104k Search vendor "Edimax" for product "Br-6104k" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" | 1.83 Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" and version "1.83" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Search vendor "Canyon-tech" for product "Cn-wf512" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" | 1.83 Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" and version "1.83" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Search vendor "Canyon-tech" for product "Cn-wf514" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" | 2.08 Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" and version "2.08" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Search vendor "Canyon-tech" for product "Cn-wf512" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" | 2.08 Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" and version "2.08" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Search vendor "Canyon-tech" for product "Cn-wf514" | - | - |
Affected
|
| Edimax Search vendor "Edimax" | 6114wg Router Firmware Search vendor "Edimax" for product "6114wg Router Firmware" | 1.83 Search vendor "Edimax" for product "6114wg Router Firmware" and version "1.83" | - |
Affected
| in | Edimax Search vendor "Edimax" | 6114wg Search vendor "Edimax" for product "6114wg" | - | - |
Affected
|
| Edimax Search vendor "Edimax" | 6114wg Router Firmware Search vendor "Edimax" for product "6114wg Router Firmware" | 2.08 Search vendor "Edimax" for product "6114wg Router Firmware" and version "2.08" | - |
Affected
| in | Edimax Search vendor "Edimax" | 6114wg Search vendor "Edimax" for product "6114wg" | - | - |
Affected
|
| Sitecom Search vendor "Sitecom" | Wl-153 Router Firmware Search vendor "Sitecom" for product "Wl-153 Router Firmware" | 1.31 Search vendor "Sitecom" for product "Wl-153 Router Firmware" and version "1.31" | - |
Affected
| in | Sitecom Search vendor "Sitecom" | Wl-153 Search vendor "Sitecom" for product "Wl-153" | - | - |
Affected
|
| Sitecom Search vendor "Sitecom" | Wl-153 Router Firmware Search vendor "Sitecom" for product "Wl-153 Router Firmware" | 1.34 Search vendor "Sitecom" for product "Wl-153 Router Firmware" and version "1.34" | - |
Affected
| in | Sitecom Search vendor "Sitecom" | Wl-153 Search vendor "Sitecom" for product "Wl-153" | - | - |
Affected
|
| Sweex Search vendor "Sweex" | Lb000021 Router Firmware Search vendor "Sweex" for product "Lb000021 Router Firmware" | 3.15 Search vendor "Sweex" for product "Lb000021 Router Firmware" and version "3.15" | - |
Affected
| in | Sweex Search vendor "Sweex" | Lb000021 Search vendor "Sweex" for product "Lb000021" | - | - |
Affected
|