CVE-2011-4502
Edimax BR-6104K < 3.25 - Remote Code Execution via UPnP IGD Shell Metacharacters
Title source: llmDescription
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25, Edimax 6114Wg, Canyon-Tech CN-WF512 with firmware 1.83, Canyon-Tech CN-WF514 with firmware 2.08, Sitecom WL-153 with firmware before 1.39, and Sweex LB000021 with firmware 3.15 allows remote attackers to execute arbitrary commands via shell metacharacters.
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://www.upnp-hacks.org/devices.html
Various Sources x_refsource_misc
http://www.upnp-hacks.org/suspect.html
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/357851
Scores
EPSS
0.0580
EPSS Percentile
92.2%
Details
CWE
CWE-78
Status
published
Products (14)
canyon-tech/cn-wf512
canyon-tech/cn-wf512_router_firmware
1.83
canyon-tech/cn-wf514
canyon-tech/cn-wf514_router_firmware
2.08
edimax/6114wg
edimax/6114wg_router_firmware
1.83
edimax/6114wg_router_firmware
2.08
edimax/br-6104k
edimax/br-6104k_router_firmware
3.21
sitecom/wl-153
... and 4 more
Published
Nov 22, 2011
Tracked Since
Feb 18, 2026