Description
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
References (2)
Core 2
Core References
Various Sources x_refsource_misc
http://www.upnp-hacks.org/suspect.html
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/357851
Scores
EPSS
0.0064
EPSS Percentile
70.9%
Details
CWE
CWE-16
Status
published
Products (4)
genmei_mori/pseudoics
0.1
genmei_mori/pseudoics
0.2
genmei_mori/pseudoics
0.3
zyxel/p-330w_router
Published
Nov 22, 2011
Tracked Since
Feb 18, 2026