Lucene search
MitreCVE-2006-2560HistoryMay 24, 2006 - 1:02 a.m.
CVE-2006-2560
2006-05-2401:02:00
CWE-264
mitre
web.nvd.nist.gov
27
cve-2006-2560
sitecom
wl-153
router firmware
access restriction bypass
unauthorized operations
upnp
addportmapping
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.008
Percentile
81.5%
Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
Affected configurations
Node
sitecomwl-153_router_firmwareRange≤1.34
ORsitecomwl-153_router_firmwareMatch1.31
sitecomwl-153Match-
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sitecom | wl-153_router_firmware | * | cpe:2.3:o:sitecom:wl-153_router_firmware:*:*:*:*:*:*:*:* |
| sitecom | wl-153_router_firmware | 1.31 | cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:*:*:*:*:*:*:* |
| sitecom | wl-153 | - | cpe:2.3:h:sitecom:wl-153:-:*:*:*:*:*:*:* |
Related
prion
prion
Authentication flaw
2006-05-24 01:02:00
nvd
nvd
CVE-2006-2560
2006-05-24 01:02:00
cvelist
cvelist
CVE-2006-2560
2006-05-24 01:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.9
Confidence
Low
EPSS
0.008
Percentile
81.5%
Related for CVE-2006-2560