← Back

CVE-2011-4499

nvd nist
Published: Nov 22, 2011Modified: Apr 29, 2026

JSON object

Loading...
7.5
Vector
AV:N/AC:L/Au:N/C:P/I:P/A:P
Exploitability: 10.0 / Impact: 6.4
Source: NVD

Description

The UPnP IGD implementation in the Broadcom UPnP stack on the Cisco Linksys WRT54G with firmware before 4.30.5, WRT54GS v1 through v3 with firmware before 4.71.1, and WRT54GS v4 with firmware before 1.06.1 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Affected (12)

Cisco
2 products
Linksys Wrt54g Router Firmware
Linksys Wrt54gs Router Firmware
Linksys
2 products
Wrt54g
Wrt54gs
Configuration A
5 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Linksys Wrt54g Router Firmware
Up to 4.20.8
Linksys Wrt54g Router Firmware
Version 3.03.9
Linksys Wrt54g Router Firmware
Version 4.20.7
Linksys
Wrt54g
All versions
Wrt54g
Version 2.2
Configuration B
5 vulnerable
Vulnerable SoftwareAffected Versions
Cisco
Linksys Wrt54gs Router Firmware
Up to 4.70.6
Linksys Wrt54gs Router Firmware
Version 2.09.1
Linksys
Wrt54gs
Version 1.0
Wrt54gs
Version 2.0
Wrt54gs
Version 3.0
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Linksys Wrt54gs Router Firmware
Up to 1.06
Wrt54gs
Version 4.0

Related CWEs

CWE-16
CWE-16

References (4)

Source: cve@mitre.org
US Government Resource
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.