Strix
26.1K

CVE-2011-4505

UnknownEPSS 1.43%

Last modified

CVE-2011-4505 is a vulnerability of currently unknown severity. The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.. EPSS estimates a 1.43% chance of exploitation in the next 30 days.

Description

The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Metrics

EPSS Probability
1.43%

69.5th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
AlcatelSpeedtouch 5x6 Router Firmware<= 6.2
AlcatelSpeedtouch 5x6 RouterAll versions

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2011-4505?
The UPnP IGD implementation on SpeedTouch 5x6 devices with firmware before 6.2.29 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
How severe is CVE-2011-4505?
Severity scoring for CVE-2011-4505 is pending analysis. The EPSS model estimates a 1.43% probability of exploitation in the next 30 days.
How do I fix CVE-2011-4505?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2011-4505?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST