CVE-2011-4500

Published: Nov 22, 2011Modified: Apr 29, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests.

Affected (2)

Products: Cisco: Linksys Wrt54gx Router Firmware · Linksys: Wrt54gx

Cisco

1 product

Linksys Wrt54gx Router Firmware

Linksys

1 product

Wrt54gx

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Cisco Linksys Wrt54gx Router Firmware	Version 2.00.05
Linksys Wrt54gx	Version 2.0

Related CWEs

CWE-16

References (4)

http://www.kb.cert.org/vuls/id/357851

Source: cve@mitre.org

US Government Resource

http://www.upnp-hacks.org/devices.html

Source: cve@mitre.org

http://www.kb.cert.org/vuls/id/357851

Source: af854a3a-2127-422b-91ae-364da2661108

US Government Resource

http://www.upnp-hacks.org/devices.html

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.