CVE-2011-4501 - The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edi

CVE-2011-4501

Summary

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

References

Vulnerable Configurations

cpe:2.3:o:edimax:br-6104k_router_firmware:3.21:*:*:*:*:*:*:*
cpe:2.3:o:edimax:br-6104k_router_firmware:3.21:*:*:*:*:*:*:*
cpe:2.3:h:edimax:br-6104k:-:*:*:*:*:*:*:*
cpe:2.3:h:edimax:br-6104k:-:*:*:*:*:*:*:*
cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83:*:*:*:*:*:*:*
cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83:*:*:*:*:*:*:*
cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08:*:*:*:*:*:*:*
cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08:*:*:*:*:*:*:*
cpe:2.3:h:canyon-tech:cn-wf512:-:*:*:*:*:*:*:*
cpe:2.3:h:canyon-tech:cn-wf512:-:*:*:*:*:*:*:*
cpe:2.3:h:canyon-tech:cn-wf514:-:*:*:*:*:*:*:*
cpe:2.3:h:canyon-tech:cn-wf514:-:*:*:*:*:*:*:*
cpe:2.3:o:edimax:6114wg_router_firmware:1.83:*:*:*:*:*:*:*
cpe:2.3:o:edimax:6114wg_router_firmware:1.83:*:*:*:*:*:*:*
cpe:2.3:o:edimax:6114wg_router_firmware:2.08:*:*:*:*:*:*:*
cpe:2.3:o:edimax:6114wg_router_firmware:2.08:*:*:*:*:*:*:*
cpe:2.3:h:edimax:6114wg:-:*:*:*:*:*:*:*
cpe:2.3:h:edimax:6114wg:-:*:*:*:*:*:*:*
cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:*:*:*:*:*:*:*
cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:*:*:*:*:*:*:*
cpe:2.3:o:sitecom:wl-153_router_firmware:1.34:*:*:*:*:*:*:*
cpe:2.3:o:sitecom:wl-153_router_firmware:1.34:*:*:*:*:*:*:*
cpe:2.3:h:sitecom:wl-153:-:*:*:*:*:*:*:*
cpe:2.3:h:sitecom:wl-153:-:*:*:*:*:*:*:*
cpe:2.3:o:sweex:lb000021_router_firmware:3.15:*:*:*:*:*:*:*
cpe:2.3:o:sweex:lb000021_router_firmware:3.15:*:*:*:*:*:*:*
cpe:2.3:h:sweex:lb000021:-:*:*:*:*:*:*:*
cpe:2.3:h:sweex:lb000021:-:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 24-01-2013 - 05:00)
Impact:
Exploitability:

CWE

CWE-16

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

cert-vn	VU#357851
misc	http://www.upnp-hacks.org/devices.html http://www.upnp-hacks.org/suspect.html

Last major update

24-01-2013 - 05:00

Published

22-11-2011 - 11:55

Last modified

24-01-2013 - 05:00