Vulnerabilities > CVE-2011-4501 - Configuration vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 | |
| OS | 2 | |
| OS | 2 | |
| OS | 1 | |
| Hardware | 2 | |
| Hardware | 2 | |
| Hardware | 1 | |
| Hardware | 1 |