CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-4505

The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.3%

CVSS Severity

CVSS v2 Score 7.5

References

http://toor.do/DEFCON-19-Garcia-UPnP-Mapping-WP.pdf
http://www.kb.cert.org/vuls/id/357851
http://toor.do/DEFCON-19-Garcia-UPnP-Mapping-WP.pdf
http://www.kb.cert.org/vuls/id/357851

Products affected by CVE-2011-4505

Alcatel » Speedtouch 5x6 Router Firmware » Version: Any

cpe:2.3:a:alcatel:speedtouch_5x6_router_firmware:*
Alcatel » Speedtouch 5x6 Router » Version: Any

cpe:2.3:h:alcatel:speedtouch_5x6_router:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4505

Products

Pricing

Contact Us