CVE-2011-4500

The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.kb.cert.org/vuls/id/357851	US Government Resource
http://www.upnp-hacks.org/devices.html
http://www.kb.cert.org/vuls/id/357851	US Government Resource
http://www.upnp-hacks.org/devices.html

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:cisco:linksys_wrt54gx_router_firmware:2.00.05:*:*:*:*:*:*:*

cpe:2.3:h:linksys:wrt54gx:2.0:*:*:*:*:*:*:*

History

21 Nov 2024, 01:32

Type	Values Removed	Values Added
References	~~() http://www.kb.cert.org/vuls/id/357851 - US Government Resource~~	() http://www.kb.cert.org/vuls/id/357851 - US Government Resource
References	~~() http://www.upnp-hacks.org/devices.html -~~	() http://www.upnp-hacks.org/devices.html -

Information

Published : 2011-11-22 11:55

Updated : 2024-11-21 01:32

NVD link : CVE-2011-4500

Mitre link : CVE-2011-4500

CVE.ORG link : CVE-2011-4500

JSON object : View

Products Affected

cisco

linksys_wrt54gx_router_firmware

linksys

wrt54gx

CWE

CWE-16

Configuration

{"id": "CVE-2011-4500", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2011-11-22T11:55:04.793", "references": [{"url": "http://www.kb.cert.org/vuls/id/357851", "tags": ["US Government Resource"], "source": "cve@mitre.org"}, {"url": "http://www.upnp-hacks.org/devices.html", "source": "cve@mitre.org"}, {"url": "http://www.kb.cert.org/vuls/id/357851", "tags": ["US Government Resource"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.upnp-hacks.org/devices.html", "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-16"}]}], "descriptions": [{"lang": "en", "value": "The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests."}, {"lang": "es", "value": "La implementaci\u00f3n de UPnP IGD en el Cisco Linksys WRT54GX con firmware v2.00.05, cuando UPnP est\u00e1 habilitado, configura el servidor SOAP para escuchar en el puerto WAN, lo que permite a atacantes remotos administrar el cortafuegos a trav\u00e9s de peticiones SOAP."}], "lastModified": "2024-11-21T01:32:25.623", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:cisco:linksys_wrt54gx_router_firmware:2.00.05:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2FE3D758-A727-4DAE-B9E4-1CD2FDC36046"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:wrt54gx:2.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0B34EC14-F0BC-446C-8F20-8F779F645EEA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}