PT-2011-4964 · Cisco · Cisco Linksys Wrt54Gx
Publicado
2011-11-22
·
Atualizado
2011-11-22
·
CVE-2011-4500
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Cisco Linksys WRT54GX version 2.00.05
Description
The issue concerns the UPnP IGD implementation. When UPnP is enabled, it configures the SOAP server to listen on the WAN port. This allows remote attackers to administer the firewall via SOAP requests.
Recommendations
For Cisco Linksys WRT54GX version 2.00.05, consider disabling the UPnP feature to prevent remote administration of the firewall until a patch is available.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Cisco Linksys Wrt54Gx