CVE-2011-4502

Edimax BR-6104K < 3.25 - Remote Code Execution via UPnP IGD Shell Metacharacters

Title source: llm
STIX 2.1

Description

The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters.

References (3)

Core 3
Core References
Various Sources x_refsource_misc
http://www.upnp-hacks.org/devices.html
Various Sources x_refsource_misc
http://www.upnp-hacks.org/suspect.html
US Government Resource third-party-advisory x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/357851

Scores

EPSS 0.0580
EPSS Percentile 92.2%

Details

CWE
CWE-78
Status published
Products (14)
canyon-tech/cn-wf512
canyon-tech/cn-wf512_router_firmware 1.83
canyon-tech/cn-wf514
canyon-tech/cn-wf514_router_firmware 2.08
edimax/6114wg
edimax/6114wg_router_firmware 1.83
edimax/6114wg_router_firmware 2.08
edimax/br-6104k
edimax/br-6104k_router_firmware 3.21
sitecom/wl-153
... and 4 more
Published Nov 22, 2011
Tracked Since Feb 18, 2026