PT-2011-4969 · Thomson · Speedtouch
Daniel Garcia
·
Publicado
2011-11-22
·
Atualizado
2012-03-08
·
CVE-2011-4505
CVSS v2.0
7.5
Alta
| Vetor | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
SpeedTouch 5x6 devices with firmware prior to 6.2.29
Description
The issue allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface. This is related to an external forwarding issue.
Recommendations
For SpeedTouch 5x6 devices with firmware prior to 6.2.29, update the firmware to version 6.2.29 or later to resolve the issue. As a temporary workaround, consider restricting access to the WAN interface to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Speedtouch