Executive Summary
This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2011-4500 | First vendor Publication | 2011-11-22 |
| Vendor | Cve | Last vendor Modification | 2011-11-22 |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 7.5 | Attack Range | Network |
| Cvss Impact Score | 6.4 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4500 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-16 | Configuration |
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Hardware | 1 |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 77431 | Cisco Linksys WRT54GX UPnP IGD SOAP Request Parsing Remote Firewall Manipulation |
Sources (Detail)
| Source | Url |
|---|---|
| CERT-VN | http://www.kb.cert.org/vuls/id/357851 |
| MISC | http://www.upnp-hacks.org/devices.html |
Alert History
| Date | Informations |
|---|---|
| 2019-05-10 12:04:24 |
|
| 2013-05-10 23:10:55 |
|
