CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-33476
https://notcve.org/view.php?id=CVE-2023-33476
ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write. • https://blog.coffinsec.com/0day/2023/05/31/minidlna-heap-overflow-rca.html https://lists.debian.org/debian-lts-announce/2023/06/msg00027.html https://security.gentoo.org/glsa/202311-12 https://sourceforge.net/p/minidlna/git/ci/9bd58553fae5aef3e6dd22f51642d2c851225aec https://sourceforge.net/projects/minidlna https://www.debian.org/security/2023/dsa-5434 • CWE-787: Out-of-bounds Write •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-26505
https://notcve.org/view.php?id=CVE-2022-26505
A DNS rebinding issue in ReadyMedia (formerly MiniDLNA) before 1.3.1 allows a remote web server to exfiltrate media files. Un problema de reenganche de DNS en ReadyMedia (anteriormente MiniDLNA) versiones anteriores a 1.3.1, permite que un servidor web remoto exfiltre archivos multimedia • http://www.openwall.com/lists/oss-security/2022/03/06/1 https://lists.debian.org/debian-lts-announce/2022/04/msg00005.html https://security.gentoo.org/glsa/202311-12 https://sourceforge.net/p/minidlna/git/ci/c21208508dbc131712281ec5340687e5ae89e940 https://www.openwall.com/lists/oss-security/2022/03/03/1 • CWE-290: Authentication Bypass by Spoofing •
CVSS: 9.8EPSS: 7%CPEs: 3EXPL: 2CVE-2020-28926
https://notcve.org/view.php?id=CVE-2020-28926
ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. ReadyMedia (también se conoce como MiniDLNA) versiones anteriores a 1.3.0, permite una ejecución de código remota. Mediante el envío de una petición HTTP UPnP maliciosa hacia el servicio miniDLNA usando la codificación HTTP fragmentada puede conllevar un bug de firma resultando en un desbordamiento del búfer en unas llamadas hacia memcpy/memmove • https://github.com/lorsanta/exploit-CVE-2020-28926 https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html https://sourceforge.net/projects/minidlna https://www.debian.org/security/2020/dsa-4806 https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 1CVE-2013-2738
https://notcve.org/view.php?id=CVE-2013-2738
minidlna has SQL Injection that may allow retrieval of arbitrary files minidlna, presenta una inyección SQL que puede permitir la recuperación de archivos arbitrarios. • http://archives.neohapsis.com/archives/bugtraq/2013-07/0100.html http://media.blackhat.com/bh-us-12/Briefings/Cutlip/BH_US_12_Cutlip_SQL_Exploitation_WP.pdf https://security-tracker.debian.org/tracker/CVE-2013-2738 https://www.securityfocus.com/archive/1/527299/30/0 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 9%CPEs: 4EXPL: 1CVE-2013-2739 – ReadyMedia - Remote Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-2739
MiniDLNA has heap-based buffer overflow MiniDLNA, presenta un desbordamiento de búfer en la región heap de la memoria • https://www.exploit-db.com/exploits/38667 http://archives.neohapsis.com/archives/bugtraq/2013-07/0100.html https://security-tracker.debian.org/tracker/CVE-2013-2739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •