CVE-2011-4502
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters.
La implementación de UPnP IGD en Edimax EdiLinux en el Edimax BR-6104K con firmware anterior a v3.25 Edimax 6114Wg, Canyon-Tech CN-WF512 con firmware anterior a v1.83, Canyon-Tech CN-WF514 con firmware anterior a v2.08, Sitecom WL-153 con firmware anterior a v1.39, y Sweex LB000021 con firmware anterior a v3.15, permite a atacantes remotos ejecutar comandos de su elección a través de metacaracteres shell.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2011-11-22 CVE Reserved
- 2011-11-22 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/357851 | Third Party Advisory |
|
| http://www.upnp-hacks.org/devices.html | X_refsource_misc | |
| http://www.upnp-hacks.org/suspect.html | X_refsource_misc |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Edimax Search vendor "Edimax" | Br-6104k Router Firmware Search vendor "Edimax" for product "Br-6104k Router Firmware" | 3.21 Search vendor "Edimax" for product "Br-6104k Router Firmware" and version "3.21" | - |
Affected
| in | Edimax Search vendor "Edimax" | Br-6104k Search vendor "Edimax" for product "Br-6104k" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" | 1.83 Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" and version "1.83" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Search vendor "Canyon-tech" for product "Cn-wf512" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" | 1.83 Search vendor "Canyon-tech" for product "Cn-wf512 Router Firmware" and version "1.83" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Search vendor "Canyon-tech" for product "Cn-wf514" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" | 2.08 Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" and version "2.08" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf512 Search vendor "Canyon-tech" for product "Cn-wf512" | - | - |
Affected
|
| Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Router Firmware Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" | 2.08 Search vendor "Canyon-tech" for product "Cn-wf514 Router Firmware" and version "2.08" | - |
Affected
| in | Canyon-tech Search vendor "Canyon-tech" | Cn-wf514 Search vendor "Canyon-tech" for product "Cn-wf514" | - | - |
Affected
|
| Edimax Search vendor "Edimax" | 6114wg Router Firmware Search vendor "Edimax" for product "6114wg Router Firmware" | 1.83 Search vendor "Edimax" for product "6114wg Router Firmware" and version "1.83" | - |
Affected
| in | Edimax Search vendor "Edimax" | 6114wg Search vendor "Edimax" for product "6114wg" | - | - |
Affected
|
| Edimax Search vendor "Edimax" | 6114wg Router Firmware Search vendor "Edimax" for product "6114wg Router Firmware" | 2.08 Search vendor "Edimax" for product "6114wg Router Firmware" and version "2.08" | - |
Affected
| in | Edimax Search vendor "Edimax" | 6114wg Search vendor "Edimax" for product "6114wg" | - | - |
Affected
|
| Sitecom Search vendor "Sitecom" | Wl-153 Router Firmware Search vendor "Sitecom" for product "Wl-153 Router Firmware" | 1.31 Search vendor "Sitecom" for product "Wl-153 Router Firmware" and version "1.31" | - |
Affected
| in | Sitecom Search vendor "Sitecom" | Wl-153 Search vendor "Sitecom" for product "Wl-153" | - | - |
Affected
|
| Sitecom Search vendor "Sitecom" | Wl-153 Router Firmware Search vendor "Sitecom" for product "Wl-153 Router Firmware" | 1.34 Search vendor "Sitecom" for product "Wl-153 Router Firmware" and version "1.34" | - |
Affected
| in | Sitecom Search vendor "Sitecom" | Wl-153 Search vendor "Sitecom" for product "Wl-153" | - | - |
Affected
|
| Sweex Search vendor "Sweex" | Lb000021 Router Firmware Search vendor "Sweex" for product "Lb000021 Router Firmware" | 3.15 Search vendor "Sweex" for product "Lb000021 Router Firmware" and version "3.15" | - |
Affected
| in | Sweex Search vendor "Sweex" | Lb000021 Search vendor "Sweex" for product "Lb000021" | - | - |
Affected
|