Unrated severityNVD Advisory· Published Nov 22, 2011· Updated Apr 29, 2026

CVE-2011-4506

Description

The UPnP IGD implementation on the Thomson (aka Technicolor) TG585 with firmware 7.x before 7.4.3.2 allows remote attackers to establish arbitrary port mappings by sending a UPnP AddPortMapping action in a SOAP request to the WAN interface, related to an "external forwarding" vulnerability.

Affected products

Technicolor/Tg585 Router Firmware
cpe:2.3:a:technicolor:tg585_router_firmware:*:*:*:*:*:*:*:*
Range: <=7.4
Technicolor/Tg585 Router
cpe:2.3:h:technicolor:tg585_router:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.kb.cert.org/vuls/id/357851nvdUS Government Resource
toor.do/DEFCON-19-Garcia-UPnP-Mapping-WP.pdfnvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000