MidnightBSD

Advisories for canyon-tech

CVE-2011-4501 HIGH

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-16,

Products Affected

Vendor Product Version
edimax 6114wg_router_firmware 2.08
sitecom wl-153 -
edimax 6114wg_router_firmware 1.83
canyon-tech cn-wf514 -
canyon-tech cn-wf512 -
canyon-tech cn-wf514_router_firmware 2.08
sweex lb000021_router_firmware 3.15
edimax 6114wg -
canyon-tech cn-wf512_router_firmware 1.83
sitecom wl-153_router_firmware 1.31
edimax br-6104k -
sitecom wl-153_router_firmware 1.34
sweex lb000021 -
edimax br-6104k_router_firmware 3.21
CVE-2011-4502 HIGH

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
edimax 6114wg_router_firmware 2.08
sitecom wl-153 -
edimax 6114wg_router_firmware 1.83
canyon-tech cn-wf514 -
canyon-tech cn-wf512 -
canyon-tech cn-wf514_router_firmware 2.08
sweex lb000021_router_firmware 3.15
edimax 6114wg -
canyon-tech cn-wf512_router_firmware 1.83
sitecom wl-153_router_firmware 1.31
edimax br-6104k -
sitecom wl-153_router_firmware 1.34
sweex lb000021 -
edimax br-6104k_router_firmware 3.21