CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
Low
EPSS
Percentile
74.0%
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters.
Vendor | Product | Version | CPE |
---|---|---|---|
edimax | br-6104k_router_firmware | 3.21 | cpe:2.3:o:edimax:br-6104k_router_firmware:3.21:*:*:*:*:*:*:* |
edimax | br-6104k | - | cpe:2.3:h:edimax:br-6104k:-:*:*:*:*:*:*:* |
canyon-tech | cn-wf512_router_firmware | 1.83 | cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83:*:*:*:*:*:*:* |
canyon-tech | cn-wf514_router_firmware | 2.08 | cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08:*:*:*:*:*:*:* |
canyon-tech | cn-wf512 | - | cpe:2.3:h:canyon-tech:cn-wf512:-:*:*:*:*:*:*:* |
canyon-tech | cn-wf514 | - | cpe:2.3:h:canyon-tech:cn-wf514:-:*:*:*:*:*:*:* |
edimax | 6114wg_router_firmware | 1.83 | cpe:2.3:o:edimax:6114wg_router_firmware:1.83:*:*:*:*:*:*:* |
edimax | 6114wg_router_firmware | 2.08 | cpe:2.3:o:edimax:6114wg_router_firmware:2.08:*:*:*:*:*:*:* |
edimax | 6114wg | - | cpe:2.3:h:edimax:6114wg:-:*:*:*:*:*:*:* |
sitecom | wl-153_router_firmware | 1.31 | cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:*:*:*:*:*:*:* |