Remote Command Execution Vulnerability in Edimax and Canyon-Tech Routers
CVE-2011-4502

Currently unrated

Key Information:

Vendor: Edimax
Status: Br-6104k Router Firmware; Br-6104k
Vendor: CVE Published:; 22 November 2011

What is CVE-2011-4502?

The UPnP IGD implementation in several Edimax and Canyon-Tech routers is susceptible to a vulnerability that allows remote attackers to execute arbitrary commands. This issue arises due to improper handling of shell metacharacters, potentially leading to unauthorized access and control over the affected devices. Users are encouraged to update their firmware to the latest versions to mitigate the risks associated with this vulnerability.

References

http://www.upnp-hacks.org/devices.html

x_refsource_MISC

http://www.upnp-hacks.org/suspect.html

x_refsource_MISC

http://www.kb.cert.org/vuls/id/357851

third-party-advisoryx_refsource_CERT-VN

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Nov 22, 2011