Vulnerabilities > CVE-2011-4504 - Configuration vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
genmei-mori
zyxel
CWE-16

Summary

The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Vulnerable Configurations

Part Description Count
Application
Genmei_Mori
3
Hardware
Zyxel
1

Common Weakness Enumeration (CWE)