Sign-up

ID

VAR-200605-0266


CVE

CVE-2006-2560


TITLE

Sitecom WL-153 Router Firmware UPnP Request Access Control Bypass Vulnerability

Trust: 0.6

sources: CNVD: CNVD-2006-3387

DESCRIPTION

Sitecom WL-153 router firmware before 1.38 allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. For example, use AddPortMapping to forward arbitrary traffic. Wl-153 is prone to a security bypass vulnerability. TITLE: Sitecom WL-153 UPnP Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA20183 VERIFY ADVISORY: http://secunia.com/advisories/20183/ CRITICAL: Moderately critical IMPACT: DoS, System access WHERE: >From local network OPERATING SYSTEM: Sitecom WL-153 MIMO XR Wireless Network Broadband Router http://secunia.com/product/10081/ DESCRIPTION: Armijn Hemel has reported a vulnerability in Sitecom WL-153, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable device. The vulnerability is related to: SA20169 The vulnerability has been reported in firmware versions prior to 1.38. SOLUTION: Disable the UPnP functionality if it is not required. The vendor reportedly will release an updated firmware soon. PROVIDED AND/OR DISCOVERED BY: Armijn Hemel OTHER REFERENCES: SA20169: http://secunia.com/advisories/20169/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 1.89

sources: NVD: CVE-2006-2560 // CNVD: CNVD-2006-3387 // BID: 87609 // VULHUB: VHN-18668 // PACKETSTORM: 46562

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2006-3387

AFFECTED PRODUCTS

vendor:sitecommodel:wl-153 routerscope:eqversion:1.31

Trust: 1.9

vendor:sitecommodel:wl-153scope:eqversion: -

Trust: 1.3

vendor:sitecommodel:wl-153 routerscope:lteversion:1.34

Trust: 1.0

vendor:sitecommodel:wl-153 routerscope:eqversion:1.34

Trust: 0.9

vendor:wl 153model:sitecom 1.38scope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2006-3387 // BID: 87609 // CNNVD: CNNVD-200605-429 // NVD: CVE-2006-2560

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2006-2560
value: HIGH

Trust: 1.0

CNVD: CNVD-2006-3387
value: HIGH

Trust: 0.6

CNNVD: CNNVD-200605-429
value: HIGH

Trust: 0.6

VULHUB: VHN-18668
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2006-2560
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

CNVD: CNVD-2006-3387
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

VULHUB: VHN-18668
severity: HIGH
baseScore: 7.5
vectorString: AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

sources: CNVD: CNVD-2006-3387 // VULHUB: VHN-18668 // CNNVD: CNNVD-200605-429 // NVD: CVE-2006-2560

PROBLEMTYPE DATA

problemtype:CWE-264

Trust: 1.1

sources: VULHUB: VHN-18668 // NVD: CVE-2006-2560

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200605-429

TYPE

permissions and access control

Trust: 0.6

sources: CNNVD: CNNVD-200605-429

EXTERNAL IDS

db:NVDid:CVE-2006-2560

Trust: 2.6

db:SECUNIAid:20183

Trust: 2.4

db:VUPENid:ADV-2006-1912

Trust: 1.7

db:CNVDid:CNVD-2006-3387

Trust: 0.6

db:CNNVDid:CNNVD-200605-429

Trust: 0.6

db:BIDid:87609

Trust: 0.4

db:VULHUBid:VHN-18668

Trust: 0.1

db:PACKETSTORMid:46562

Trust: 0.1

sources: CNVD: CNVD-2006-3387 // VULHUB: VHN-18668 // BID: 87609 // PACKETSTORM: 46562 // CNNVD: CNNVD-200605-429 // NVD: CVE-2006-2560

REFERENCES

url:http://secunia.com/advisories/20183

Trust: 2.3

url:http://www.securityview.org/dutch-student-finds-a-bug-in-upnp.html

Trust: 2.0

url:http://www.securityview.org/how-does-the-upnp-flaw-works.html

Trust: 2.0

url:http://www.vupen.com/english/advisories/2006/1912

Trust: 1.1

url:http://www.frsirt.com/english/advisories/2006/1912

Trust: 0.6

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/10081/

Trust: 0.1

url:http://secunia.com/advisories/20169/

Trust: 0.1

url:http://secunia.com/advisories/20183/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

sources: CNVD: CNVD-2006-3387 // VULHUB: VHN-18668 // BID: 87609 // PACKETSTORM: 46562 // CNNVD: CNNVD-200605-429 // NVD: CVE-2006-2560

CREDITS

Unknown

Trust: 0.3

sources: BID: 87609

SOURCES

db:CNVDid:CNVD-2006-3387
db:VULHUBid:VHN-18668
db:BIDid:87609
db:PACKETSTORMid:46562
db:CNNVDid:CNNVD-200605-429
db:NVDid:CVE-2006-2560

LAST UPDATE DATE

2024-08-14T15:14:56.968000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2006-3387date:2006-05-23T00:00:00
db:VULHUBid:VHN-18668date:2013-01-24T00:00:00
db:BIDid:87609date:2006-05-23T00:00:00
db:CNNVDid:CNNVD-200605-429date:2006-05-24T00:00:00
db:NVDid:CVE-2006-2560date:2024-02-14T01:17:43.863

SOURCES RELEASE DATE

db:CNVDid:CNVD-2006-3387date:2006-05-23T00:00:00
db:VULHUBid:VHN-18668date:2006-05-24T00:00:00
db:BIDid:87609date:2006-05-23T00:00:00
db:PACKETSTORMid:46562date:2006-05-23T05:09:34
db:CNNVDid:CNNVD-200605-429date:2006-05-23T00:00:00
db:NVDid:CVE-2006-2560date:2006-05-24T01:02:00