CVE-2011-4504

2011-11-2211:00:00

mitre

www.cve.org

upnp

vulnerability

zyxel

AI Score

6.8

Confidence

High

EPSS

0.005

Percentile

77.4%

JSON

The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an “external forwarding” vulnerability.

References

www.kb.cert.org/vuls/id/357851

www.upnp-hacks.org/suspect.html