Lucene search

[email protected]CVE-2011-4500

HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-4500

2022-10-0316:15:15

CWE-16

[email protected]

web.nvd.nist.gov

cve-2011-4500

cisco

linksys

wrt54gx

firmware

vulnerability

upnp

soap

firewall

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.2%

JSON

The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests.

Affected configurations

NVD

Node

ciscolinksys_wrt54gx_router_firmwareMatch2.00.05

AND

linksyswrt54gxMatch2.0

CPENameOperatorVersion
cisco:linksys_wrt54gx_router_firmwarecisco linksys wrt54gx router firmwareeq2.00.05
linksys:wrt54gxlinksys wrt54gxeq2.0

CPE	Name	Operator	Version
cisco:linksys_wrt54gx_router_firmware	cisco linksys wrt54gx router firmware	eq	2.00.05
linksys:wrt54gx	linksys wrt54gx	eq	2.0

References

www.kb.cert.org/vuls/id/357851

www.upnp-hacks.org/devices.html

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7 High

AI Score

Confidence

Low

0.003 Low

EPSS

Percentile

71.2%

JSON

Related for CVE-2011-4500

prion1 cvelist1 nvd1