37 matches found
EUVD-2026-34147
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...
CVE-2026-3870
A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...
CVE-2026-3870
A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...
CVE-2026-3870
Zyxel VMG4005-B50B firmware versions up to 5.13(ABRL.5.4)C0 contain a buffer overflow in the UPnP AddPortMapping() command. This vulnerability could allow an adjacent attacker to trigger a temporary denial-of-service (DoS) condition affecting the UPnP function of the device. The available documen...
PT-2026-45688
A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...
EUVD-2026-25744
A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within...
CVE-2026-7069
A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within...
CVE-2026-7069 D-Link DIR-825 miniupnpd upnpsoap.c AddPortMapping buffer overflow
A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within...
Exploit for CVE-2020-24586
Fracture FragAttacks WiFi Penetration Framework CVE-202...
EUVD-2022-46940
Malicious code in bioql PyPI...
CVE-2022-43972
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware = 4.30.18.006. A null pointer dereference in the soapaction function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the...
CVE-2024-54807
In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...
CVE-2024-54807
In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...
CVE-2024-54807
Netgear WNR854T (North America) firmware 1.5.2 is affected. The UPNP service’s addmap_exec function incorrectly parses the NewInternalClient parameter of the AddPortMapping SOAPAction and passes it to a system call without proper sanitization, enabling arbitrary command execution via WANIPConn1. ...
CVE-2022-43972
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware = 4.30.18.006. A null pointer dereference in the soapaction function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the...
Null pointer dereference
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware = 4.30.18.006. A null pointer dereference in the soapaction function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the...
CVE-2022-43972 Null pointer dereference in Linksys WRT54GL
A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware = 4.30.18.006. A null pointer dereference in the soapaction function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the...
Denial Of Service (DoS)
miniupnpc-vc140 is vulnerable to denial of service DoS. The AddPortMapping in upnpredirect.c does not have sufficient checking of description value desc, allowing an attacker to cause a null pointer dereference and crash the process...
CVE-2019-12110
An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c...
CVE-2019-12110
An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c...