CVE-2011-4500
First published: Tue Nov 22 2011(Updated: )
The UPnP IGD implementation on the Cisco Linksys WRT54GX with firmware 2.00.05, when UPnP is enabled, configures the SOAP server to listen on the WAN port, which allows remote attackers to administer the firewall via SOAP requests.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco Linksys Wrt54gx Router Firmware | =2.00.05 | |
| Linksys WRT54GX | =2.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2011-4500?
CVE-2011-4500 has a high severity rating due to its remote exploitation potential.
How do I fix CVE-2011-4500?
To fix CVE-2011-4500, disable UPnP on the Cisco Linksys WRT54GX router or upgrade to a patched firmware version.
What systems are affected by CVE-2011-4500?
CVE-2011-4500 affects the Cisco Linksys WRT54GX router running firmware version 2.00.05.
Can CVE-2011-4500 be exploited remotely?
Yes, CVE-2011-4500 can be exploited remotely if UPnP is enabled on the affected router.
What type of attacks can occur due to CVE-2011-4500?
CVE-2011-4500 can allow attackers to administer the firewall through unauthorized SOAP requests.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- agent/author
- agent/severity
- agent/weakness
- agent/description
- agent/tags
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- vendor/cisco
- canonical/cisco linksys wrt54gx router firmware
- version/cisco linksys wrt54gx router firmware/2.00.05
- vendor/linksys
- canonical/linksys wrt54gx
- version/linksys wrt54gx/2.0