Vulnerabilities > CVE-2011-4506 - Configuration vulnerability in Technicolor Tg585 Router and Tg585 Router Firmware

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

technicolor

CWE-16

NVD

Published: 2011-11-22

Updated: 2024-11-21

Summary

The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 with firmware 7.x before 7.4.3.2 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Vulnerable Configurations

Part	Description	Count
Application	Technicolor Technicolor Tg585 Router Firmware *	1
Hardware	Technicolor Technicolor Tg585 Router *	1

Common Weakness Enumeration (CWE)

CWE-16 - Configuration

References

http://toor.do/DEFCON-19-Garcia-UPnP-Mapping-WP.pdf
http://www.kb.cert.org/vuls/id/357851
http://toor.do/DEFCON-19-Garcia-UPnP-Mapping-WP.pdf
http://www.kb.cert.org/vuls/id/357851