Описание
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одновременно
Одно из
cpe:2.3:a:genmei_mori:pseudoics:0.1:*:*:*:*:*:*:*
cpe:2.3:a:genmei_mori:pseudoics:0.2:*:*:*:*:*:*:*
cpe:2.3:a:genmei_mori:pseudoics:0.3:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:p-330w_router:*:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00643
Низкий
7.5 High
CVSS2
Дефекты
CWE-16
Связанные уязвимости
github
больше 3 лет назад
The UPnP IGD implementation in the Pseudo ICS UPnP software on the ZyXEL P-330W allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.
EPSS
Процентиль: 70%
0.00643
Низкий
7.5 High
CVSS2
Дефекты
CWE-16