Summary
Detail | |||
---|---|---|---|
Vendor | Sitecom | First view | 2006-05-23 |
Product | Wl-153 | Last view | 2011-11-22 |
Version | Type | Hardware | |
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
CPE Name | Affected CVE |
---|---|
cpe:2.3:h:sitecom:wl-153:-:*:*:*:*:*:*:* | 3 |
Related : CVE
Date | Alert | Description | |
---|---|---|---|
10 | 2011-11-22 | CVE-2011-4502 | The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters. |
10 | 2011-11-22 | CVE-2011-4501 | The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability. |
7.5 | 2006-05-23 | CVE-2006-2560 | Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
33% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
33% (1) | CWE-78 | Improper Sanitization of Special Elements used in an OS Command ('O... |
33% (1) | CWE-16 | Configuration |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
77434 | Edimax EdiLinux Multiple Product UPnP IGD AddPortMapping Action Remote Port M... |
77432 | Edimax EdiLinux Multiple Product UPnP IGD Shell Metacharacter Remote Command ... |
25894 | Multiple Router UPnP Crafted InternalClient Parameter Access Restriction Bypass |