CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2017-1000494
https://notcve.org/view.php?id=CVE-2017-1000494
Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact Vulnerabilidad de variable de pila no inicializada en NameValueParserEndElt (upnpreplyparse.c) en miniupnpd en versiones posteriores a la 2.0 permite que un atacante provoque una denegación de servicio (fallo de segmentación y corrupción de memoria) o que, posiblemente, cause otro tipo de impacto sin especificar. • https://github.com/miniupnp/miniupnp/commit/7aeb624b44f86d335841242ff427433190e7168a https://github.com/miniupnp/miniupnp/issues/268 https://lists.debian.org/debian-lts-announce/2019/05/msg00045.html https://usn.ubuntu.com/3562-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 97%CPEs: 4EXPL: 2CVE-2013-0229 – INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2013-0229
The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read. La función ProcessSSDPRequest en minissdp.c en el manejador SSDP en MiniUPnP MiniUPnPd anterior a v1.4 permite a atacantes remotos causar una denegación de servicio (caída del servicio) mediante una petición falsificada que genera una sobre lectura del búfer. • https://www.exploit-db.com/exploits/37517 https://www.exploit-db.com/exploits/38249 https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf https://community.rapid7.com/servlet/servlet.FileDownload?file=00P1400000cCaFb - •
CVSS: 10.0EPSS: 85%CPEs: 1EXPL: 3CVE-2013-0230 – INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2013-0230
Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method. Desbordamiento de búfer basado en pila en la función ExecuteSoapAction en el manejador SOAPAction en el servicio HTTP en MiniIPnP MiniIPnPd v1.0 permite a atacantes remotos ejecutar código de su elección a través de un método de gran longitud entre comillas. • https://www.exploit-db.com/exploits/37517 https://www.exploit-db.com/exploits/25975 https://www.exploit-db.com/exploits/36839 http://www.securityfocus.com/bid/57608 https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf https://community.rapid7.com/servlet/servlet.FileDownload?file=00P1400000cCaFb - • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1461
https://notcve.org/view.php?id=CVE-2013-1461
The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230. La función ExecuteSoapAction en el manejador SOAPAction handler en el servicio HTTP en MiniUPnP MiniUPnPd v1.0 permite a atacantes remotos causar una denegación de servicio (referencia a puntero NULL y caída del servicio) mediante una cabecera SOAPAction que carece de un carácter #, una vulnerabilidad diferente de CVE-2013-0230. • https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf https://community.rapid7.com/servlet/servlet.FileDownload?file=00P1400000cCaFb •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1462
https://notcve.org/view.php?id=CVE-2013-1462
Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230. Error de signo de entero en la función ExecuteSoapAction en el manejador SOAPAction en el servicio HTTP en MiniUPnP MiniUPnPd v1.0, permite a atacantes remotos provocar una denegación de servicio (copia incorrecta de memoria) a través de una cabecera SOAPAction que aprovecha un carácter " (doble comilla). Vulnerabilidad distinta de CVE-2013-0230. • https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf https://community.rapid7.com/servlet/servlet.FileDownload?file=00P1400000cCaFb • CWE-189: Numeric Errors •