CVE-2018-13416

🗓️ 03 Aug 2018 17:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov👁 79 Views🌐 WEB

In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can exploit this to: (1) Access arbitrary files from the filesystem with the same permission as the user account running UMS, (2) Initiate SMB connections to capture a NetNTLM challenge/response, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains

Reporter	Title	Published	Views	Family All 9
0day.today	Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection Vulnerability	2 Aug 201800:00	–	zdt
CNVD	Universal Media Server XML External Entity Injection Vulnerability	2 Aug 201800:00	–	cnvd
Cvelist	CVE-2018-13416	3 Aug 201817:00	–	cvelist
Exploit DB	Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection	2 Aug 201800:00	–	exploitdb
exploitpack	Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection	2 Aug 201800:00	–	exploitpack
NVD	CVE-2018-13416	3 Aug 201817:29	–	nvd
OpenVAS	Universal Media Server XXE Vulnerability	7 Aug 201800:00	–	openvas
Packet Storm	Universal Media Server 7.1.0 XML Injection	1 Aug 201800:00	–	packetstorm
Prion	Xxe	3 Aug 201817:29	–	prion

NVD

Node

spirton universal_media_serverMatch7.1.0

Source	Link
seclists	www.seclists.org/fulldisclosure/2018/Jul/94
exploit-db	www.exploit-db.com/exploits/45133/

Parameter	Position	Path	Description	CWE
exfiltrated	query param	/?exfiltrated=secretstuff!	Exfiltration of data via XXE causing leakage of local file contents to attacker-controlled server.	CWE-611

21 Nov 2024 03:47Current

9.6High risk

Vulners AI Score9.6

CVSS 27.5

CVSS 39.8

EPSS0.55833

CWE-611