Summary
| Detail | |||
|---|---|---|---|
| Vendor | Sitecom | First view | 2006-05-23 |
| Product | Wl-153 | Last view | 2011-11-22 |
| Version | Type | Hardware | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:h:sitecom:wl-153:-:*:*:*:*:*:*:* | 3 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 10 | 2011-11-22 | CVE-2011-4502 | The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters. |
| 10 | 2011-11-22 | CVE-2011-4501 | The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. |
| 7.5 | 2006-05-23 | CVE-2006-2560 | Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 33% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
| 33% (1) | CWE-16 | Configuration |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 77434 | Edimax EdiLinux Multiple Product UPnP IGD AddPortMapping Action Remote Port M... |
| 77432 | Edimax EdiLinux Multiple Product UPnP IGD Shell Metacharacter Remote Command ... |
| 25894 | Multiple Router UPnP Crafted InternalClient Parameter Access Restriction Bypass |
