PT-2011-4964 · Cisco · Cisco Linksys Wrt54Gx

Published

2011-11-22

Updated

2011-11-22

CVE-2011-4500

CVSS v2.0

7.5

High

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Cisco Linksys WRT54GX version 2.00.05

Description The issue concerns the UPnP IGD implementation. When UPnP is enabled, it configures the SOAP server to listen on the WAN port. This allows remote attackers to administer the firewall via SOAP requests.

Recommendations For Cisco Linksys WRT54GX version 2.00.05, consider disabling the UPnP feature to prevent remote administration of the firewall until a patch is available.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-16

Related Identifiers

CVE-2011-4500

Affected Products

Cisco Linksys Wrt54Gx

PT-2011-4964 · Cisco · Cisco Linksys Wrt54Gx

CVE-2011-4500

Weakness Enumeration

Related Identifiers

Affected Products

References · 3