Microsoft Windows SSDP 竞争条件问题漏洞

Microsoft Windows SSDP is a simple service discovery provider developed by Microsoft Corporation. The Microsoft Windows SSDP Service has a vulnerability related to race conditions. Attackers can exploit this vulnerability to gain elevated privileges. The following products and versions are...

CVE-2026-4499

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgimain of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2025-47975 Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

...

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Use after free in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

Windows Simple Search and Discovery Protocol (SSDP) Service Elevation of Privilege Vulnerability

Access of resource using incompatible type 'type confusion' in Windows SSDP Service allows an authorized attacker to elevate privileges locally...

D-Link DIR-815 / DIR-850L - SSDP Command Injection

Advisory Information Title: SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L Vendors contacted: William Brown Dlink Release mode: Released CVE: None Note: All these security issues have been discussed with the vendor and vendor indicated that they have fixed...

D-Link DIR-815 / DIR-850L SSDP Command Injection Vulnerability

D-Link routers, including DIR-815 and DIR-850L, suffer from an SSDP command injection vulnerability. Title: SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L Vendors contacted: William Brown Dlink Release mode: Released CVE: None Note: All these security issu...