CVE-2011-4501
Severity CVSS v4.0:
Pending analysis
Type:
CWE-16
Configuration Errors
Publication date:
22/11/2011
Last modified:
11/04/2025
Description
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
Impact
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:edimax:br-6104k_router_firmware:3.21:*:*:*:*:*:*:* | ||
| cpe:2.3:h:edimax:br-6104k:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83:*:*:*:*:*:*:* | ||
| cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08:*:*:*:*:*:*:* | ||
| cpe:2.3:h:canyon-tech:cn-wf512:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:canyon-tech:cn-wf514:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:edimax:6114wg_router_firmware:1.83:*:*:*:*:*:*:* | ||
| cpe:2.3:o:edimax:6114wg_router_firmware:2.08:*:*:*:*:*:*:* | ||
| cpe:2.3:h:edimax:6114wg:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sitecom:wl-153_router_firmware:1.34:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sitecom:wl-153:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:sweex:lb000021_router_firmware:3.15:*:*:*:*:*:*:* | ||
| cpe:2.3:h:sweex:lb000021:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page