[SECURITY] Fedora 43 Update: miniupnpd-2.3.10-1.fc43

The MiniUPnP daemon is an UPnP IGD & PCP/NAT-PMP daemon for gateway routers. UPnP IGD & PCP/NAT-PMP are used to improve internet connectivity for devices behind a NAT router. Any peer to peer network application such as games, IM, etc. can benefit from a NAT router supporting UPnP IGD & PCP/NAT-P...

[SECURITY] Fedora 44 Update: miniupnpd-2.3.10-1.fc44

The MiniUPnP daemon is an UPnP IGD & PCP/NAT-PMP daemon for gateway routers. UPnP IGD & PCP/NAT-PMP are used to improve internet connectivity for devices behind a NAT router. Any peer to peer network application such as games, IM, etc. can benefit from a NAT router supporting UPnP IGD & PCP/NAT-P...

EUVD-2019-5072

Malware in sbrugna...

Tenda G1 and G3 缓冲区错误漏洞

The Tenda G1 and G3 are routers from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda G1 and G3, which can be exploited by an attacker to cause a denial of service via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and...

Tenda G1 and G3 缓冲区错误漏洞

The Tenda G1 and G3 are routers from the Chinese company Tenda. A buffer overflow vulnerability exists in the Tenda G1 and G3, which can be exploited by an attacker to cause a denial of service via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and...

The vulnerability of the NAT Port Mapping Protocol implementation in the TP-Link M7350 router’s microprogramming software arises from the failure to take measures to eliminate special elements used in the operating system commands. This vulnerability allows a perpetrator to execute arbitrary commands.

The vulnerability of the NAT Port Mapping Protocol NAT-PMP implementation of TP-Link’s M7350 router software exists due to the lack of measures taken to neutralize special elements used in the operating system commands. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

TP-Link M7350 triggerPort OS Command Injection Vulnerability (CNVD-2019-40069)

The TP-Link M7350 is a 4G LTE mobile Wi-Fi router. A portMappingProtocol OS command injection vulnerability exists in TP-Link M7350 1.0.16 and earlier versions. An attacker can exploit this vulnerability to execute illegal OS commands...

CVE-2019-13651

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection issue 3 of 5...

Command injection

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection issue 3 of 5...

NAT-PMP Security Vulnerability Affects 1.2M Routers

Vulnerabilities in embedded devices, in particular small office and home office routers, have been relentless. Another serious issue was discovered this week that affects more than 1.2 million such devices due to improper NAT-PMP protocol implementations, most of which run counter to the...

nat-pmp-info NSE Script

Gets the routers WAN IP using the NAT Port Mapping Protocol NAT-PMP. The NAT-PMP protocol is supported by a broad range of routers including: Apple AirPort Express Apple AirPort Extreme Apple Time Capsule DD-WRT OpenWrt v8.09 or higher, with MiniUPnP daemon pfSense v2.0 Tarifa firmware Linksys...