Lucene search

[email protected]CVE-2011-4503

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-4503

2022-10-0316:15:14

CWE-16

[email protected]

web.nvd.nist.gov

cve-2011-4503

sitecom wl-111

upnp

igd

broadcom linux

remote attack

port mappings

soap request

wan interface

vulnerability

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.6%

JSON

The UPnP IGD implementation in Broadcom Linux on the Sitecom WL-111 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an “external forwarding” vulnerability.

Affected configurations

NVD

Node

broadcombroadcom_linux

AND

sitecomwl-111Match-

CPENameOperatorVersion
broadcom:broadcom_linuxbroadcom broadcom linuxeq*
sitecom:wl-111sitecom wl-111eq-

CPE	Name	Operator	Version
broadcom:broadcom_linux	broadcom broadcom linux	eq	*
sitecom:wl-111	sitecom wl-111	eq	-

References

www.kb.cert.org/vuls/id/357851

www.upnp-hacks.org/suspect.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.004 Low

EPSS

Percentile

73.6%

JSON

Related for CVE-2011-4503

prion1 cvelist1 nvd1