
CVE-2020-13848
https://notcve.org/view.php?id=CVE-2020-13848
04 Jun 2020 — Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c. • http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00030.html • CWE-476: NULL Pointer Dereference

CVE-2016-8863 – Debian Security Advisory 3736-1
https://notcve.org/view.php?id=CVE-2016-8863
16 Dec 2016 — Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed by an invalid one in the CALLBACK header of a SUBSCRIBE request. • https://github.com/mephi42/CVE-2016-8863 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2016-6255 – MiCasaVerde VeraLite - Remote Code Execution
https://notcve.org/view.php?id=CVE-2016-6255
21 Oct 2016 — Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler. Multiple vulnerabilities have been found in libupnp, the worst of which could lead to the execution of arbitrary code. Versions less... • https://packetstorm.news/files/id/139298 • CWE-284: Improper Access Control

CVE-2012-5961 – Portable UPnP SDK - 'unique_service_name()' Remote Code Execution
https://notcve.org/view.php?id=CVE-2012-5961
31 Jan 2013 — Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary code via a long UDN (aka device) field in a UDP packet. • https://www.exploit-db.com/exploits/24455 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2012-5958 – libupnp 1.6.18 - Stack-based buffer overflow (DoS)
https://notcve.org/view.php?id=CVE-2012-5958
31 Jan 2013 — Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbitrary code via a UDP packet with a crafted string that is not properly handled after a certain pointer subtraction. • https://packetstorm.news/files/id/160242 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer