Vulnerabilities > CVE-2011-4506 - Configuration vulnerability in Technicolor Tg585 Router and Tg585 Router Firmware

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
technicolor
CWE-16

Summary

The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 with firmware 7.x before 7.4.3.2 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Vulnerable Configurations

Part Description Count
Application
Technicolor
1
Hardware
Technicolor
1

Common Weakness Enumeration (CWE)