Lucene search

[email protected]NVD:CVE-2011-4502

HistoryNov 22, 2011 - 11:55 a.m.

CVE-2011-4502

2011-11-2211:55:05

CWE-78

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.004

Percentile

74.0%

JSON

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters.

Affected configurations

Nvd

Node

edimaxbr-6104k_router_firmwareMatch3.21

AND

edimaxbr-6104kMatch-

Node

canyon-techcn-wf512_router_firmwareMatch1.83

canyon-techcn-wf514_router_firmwareMatch2.08

AND

canyon-techcn-wf512Match-

canyon-techcn-wf514Match-

Node

edimax6114wg_router_firmwareMatch1.83

edimax6114wg_router_firmwareMatch2.08

AND

edimax6114wgMatch-

Node

sitecomwl-153_router_firmwareMatch1.31

sitecomwl-153_router_firmwareMatch1.34

AND

sitecomwl-153Match-

Node

sweexlb000021_router_firmwareMatch3.15

AND

sweexlb000021Match-

VendorProductVersionCPE
edimaxbr-6104k_router_firmware3.21cpe:2.3:o:edimax:br-6104k_router_firmware:3.21:*:*:*:*:*:*:*
edimaxbr-6104k-cpe:2.3:h:edimax:br-6104k:-:*:*:*:*:*:*:*
canyon-techcn-wf512_router_firmware1.83cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83:*:*:*:*:*:*:*
canyon-techcn-wf514_router_firmware2.08cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08:*:*:*:*:*:*:*
canyon-techcn-wf512-cpe:2.3:h:canyon-tech:cn-wf512:-:*:*:*:*:*:*:*
canyon-techcn-wf514-cpe:2.3:h:canyon-tech:cn-wf514:-:*:*:*:*:*:*:*
edimax6114wg_router_firmware1.83cpe:2.3:o:edimax:6114wg_router_firmware:1.83:*:*:*:*:*:*:*
edimax6114wg_router_firmware2.08cpe:2.3:o:edimax:6114wg_router_firmware:2.08:*:*:*:*:*:*:*
edimax6114wg-cpe:2.3:h:edimax:6114wg:-:*:*:*:*:*:*:*
sitecomwl-153_router_firmware1.31cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
edimax	br-6104k_router_firmware	3.21	cpe:2.3:o:edimax:br-6104k_router_firmware:3.21:::::::*
edimax	br-6104k	-	cpe:2.3:h:edimax:br-6104k:-:::::::*
canyon-tech	cn-wf512_router_firmware	1.83	cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83:::::::*
canyon-tech	cn-wf514_router_firmware	2.08	cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08:::::::*
canyon-tech	cn-wf512	-	cpe:2.3:h:canyon-tech:cn-wf512:-:::::::*
canyon-tech	cn-wf514	-	cpe:2.3:h:canyon-tech:cn-wf514:-:::::::*
edimax	6114wg_router_firmware	1.83	cpe:2.3:o:edimax:6114wg_router_firmware:1.83:::::::*
edimax	6114wg_router_firmware	2.08	cpe:2.3:o:edimax:6114wg_router_firmware:2.08:::::::*
edimax	6114wg	-	cpe:2.3:h:edimax:6114wg:-:::::::*
sitecom	wl-153_router_firmware	1.31	cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:::::::*

Rows per page:

1-10 of 141

References

www.kb.cert.org/vuls/id/357851

www.upnp-hacks.org/devices.html

www.upnp-hacks.org/suspect.html

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.8

Confidence

High

EPSS

0.004

Percentile

74.0%

JSON

Related for NVD:CVE-2011-4502

cve1 cvelist1 prion1