Configuration
CVE-2011-4506
Summary
The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 with firmware 7.x before 7.4.3.2 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
- LOW
- NETWORK
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
CWE-16 - Configuration
Weaknesses in this category are typically introduced during the configuration of the software.
References
Advisory Timeline
- Published