CVE-2011-4502

Published Nov 22, 2011

Last updated 12 years ago

CVSS info 10.0

Overview

Description: The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 2.0

Type: Primary
Base score: 10
Impact score: 10
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:edimax:br-6104k_router_firmware:3.21:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D45ACA8-D8A4-4354-8B7D-ADE3330C9BEC"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:edimax:br-6104k:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "160DBE73-D5FA-4A1B-809B-A923E8F39A64"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canyon-tech:cn-wf512_router_firmware:1.83:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EF3228F-22AC-4C90-998F-CA234E04C93E"
          },
          {
            "criteria": "cpe:2.3:o:canyon-tech:cn-wf514_router_firmware:2.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6EB70515-F398-492F-8F99-6572EF3A41AA"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:canyon-tech:cn-wf512:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "85C0B475-BCF0-4370-AB61-CB30567B1394"
          },
          {
            "criteria": "cpe:2.3:h:canyon-tech:cn-wf514:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9833088-083B-44BE-82B4-EA41E1902255"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:edimax:6114wg_router_firmware:1.83:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A6C80B5C-7882-4780-A4B5-5D00BD779EC0"
          },
          {
            "criteria": "cpe:2.3:o:edimax:6114wg_router_firmware:2.08:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "72E44F32-FFCA-4FE0-B6B6-B21FE1D9690A"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:edimax:6114wg:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "028C6A7D-22A5-47B8-BE81-75AE2A94EBF2"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sitecom:wl-153_router_firmware:1.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DDD603E5-B223-4ABC-A3B8-E1925699701B"
          },
          {
            "criteria": "cpe:2.3:o:sitecom:wl-153_router_firmware:1.34:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5132DF5B-C8BE-4B63-9C23-771014E91091"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sitecom:wl-153:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBED964D-46D2-4359-91A9-E2A2D4D719A3"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:sweex:lb000021_router_firmware:3.15:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3BE22FB4-E8B4-4DF5-AE4C-CEDE18FAE681"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:sweex:lb000021:-:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2E0E3D83-38D0-42A8-90AC-C0CAF453ED53"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References