Lucene search

K
osvGoogleOSV:USN-4722-1
HistoryFeb 04, 2021 - 7:46 p.m.

minidlna vulnerabilities

2021-02-0419:46:50
Google
osv.dev
4

7.4 High

AI Score

Confidence

Low

0.071 Low

EPSS

Percentile

94.0%

It was discovered that ReadyMedia (MiniDLNA) allowed subscription requests with
a delivery URL on a different network segment than the fully qualified event-
subscription URL. An attacker could use this to hijack smart devices and cause
denial of service attacks. (CVE-2020-12695)

It was discovered that ReadyMedia (MiniDLNA) allowed remote code execution.
A remote attacker could send a malicious UPnP HTTP request to the service
using HTTP chunked encoding and cause a denial of service.
(CVE-2020-28926)