Vulnerability Details CVE-2011-4501
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.012
EPSS Ranking 78.2%
CVSS Severity
CVSS v2 Score 10.0
References
Products affected by CVE-2011-4501
-
cpe:2.3:h:canyon-tech:cn-wf512:-
-
cpe:2.3:h:canyon-tech:cn-wf514:-
-
cpe:2.3:h:edimax:6114wg:-
-
cpe:2.3:h:edimax:br-6104k:-
-
cpe:2.3:h:sitecom:wl-153:-
-
cpe:2.3:h:sweex:lb000021:-
-
cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83
-
cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08
-
cpe:2.3:o:edimax:6114wg_router_firmware:1.83
-
cpe:2.3:o:edimax:6114wg_router_firmware:2.08
-
cpe:2.3:o:edimax:br-6104k_router_firmware:3.21
-
cpe:2.3:o:sitecom:wl-153_router_firmware:1.31
-
cpe:2.3:o:sitecom:wl-153_router_firmware:1.34
-
cpe:2.3:o:sweex:lb000021_router_firmware:3.15