Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
šŸ”„ Daily Hot!
šŸ’ŖšŸ½ CPE Enhanced Advisories
šŸ•¶ Shadow Exploits
šŸ•µšŸ¼ Vulners CPE
šŸ” Security news
šŸ’» Exploit updates
šŸ“‘ Blogs review
šŸ§ Linux vulnerabilities
šŸž Bugbounty
šŸ¤– AI High Score
šŸ“° CVE Feed
show all

52 matches found

NVD
NVDā€¢added 2026/01/21 6:16 p.m.ā€¢5 views

CVE-2021-47854

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS0.00975EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBā€¢added 2026/01/21 5:27 p.m.ā€¢3 views

CVE-2021-47854

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS6.1AI score0.00975EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistā€¢added 2026/01/21 5:27 p.m.ā€¢16 views

CVE-2021-47854 DD-WRT 45723 - UPNP Buffer Overflow

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS0.00975EPSS
Exploits0References5
CVE
CVEā€¢added 2026/01/21 5:27 p.m.ā€¢13 views

CVE-2021-47854

CVE-2021-47854 affects DD-WRT 45723 and describes a buffer overflow in the UPNP network discovery service. The vulnerability is triggered by receiving crafted M-SEARCH packets with oversized UUID payloads, which can lead to remote code execution on the targeted device. The CVSS metrics indicate a...

9.8CVSS6.4AI score0.00975EPSS
Exploits0References5
EUVD
EUVDā€¢added 2026/01/21 5:27 p.m.ā€¢2 views

EUVD-2026-3629

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS6.4AI score0.00975EPSS
Exploits0References9
Positive Technologies
Positive Technologiesā€¢added 2026/01/21 12:0 a.m.ā€¢6 views

PT-2026-3807

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS6.4AI score0.00975EPSS
Exploits0References6
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢6 views

EUVD-2019-10771

Malware in sbrugna...

10CVSS9.2AI score0.03673EPSS
Exploits0References6
EUVD
EUVDā€¢added 2025/10/07 12:30 a.m.ā€¢4 views

EUVD-2019-10770

Malware in sbrugna...

10CVSS9.2AI score0.03673EPSS
Exploits0References6
EUVD
EUVDā€¢added 2025/10/03 8:7 p.m.ā€¢4 views

EUVD-2024-54344

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00642EPSS
Exploits1References2
RedhatCVE
RedhatCVEā€¢added 2025/05/22 9:24 p.m.ā€¢4 views

CVE-2021-29379

An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play UPnP is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target ST field of the SSDP M-SEARCH discover packet. NOTE: This vulnerability on...

8.8CVSS7.6AI score0.035EPSS
Exploits1References1
RedhatCVE
RedhatCVEā€¢added 2025/05/22 8:37 p.m.ā€¢3 views

CVE-2021-35392

Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a heap buffer overflow that is present due to unsafe...

7.8CVSS7.4AI score0.8315EPSS
Exploits1References1
RedhatCVE
RedhatCVEā€¢added 2025/04/02 1:29 a.m.ā€¢20 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

9.8CVSS7.7AI score0.00642EPSS
Exploits1References1
BDU FSTEC
BDU FSTECā€¢added 2025/04/01 12:0 a.m.ā€¢4 views

The vulnerability of the advertise_res() function in the UPnP service of Netgearā€™s WNR854T router allows a hacker to execute arbitrary code.

The vulnerability of the advertiseres function of the UPnP service involves an escape from the buffer boundaries in memory when processing the M-SEARCH request header value. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted M-SEARCH...

8.3CVSS6.3AI score0.01579EPSS
Exploits1References2Affected Software1
OSV
OSVā€¢added 2025/03/31 9:15 p.m.ā€¢2 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

9.8CVSS6.2AI score
Exploits0References1
NVD
NVDā€¢added 2025/03/31 9:15 p.m.ā€¢18 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

9.8CVSS0.00642EPSS
Exploits1References1
Vulnrichment
Vulnrichmentā€¢added 2025/03/31 12:0 a.m.ā€¢11 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

7.6AI score0.00642EPSS
Exploits1References1
Cvelist
Cvelistā€¢added 2025/03/31 12:0 a.m.ā€¢15 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

0.00642EPSS
Exploits1References1
Vulnrichment
Vulnrichmentā€¢added 2024/11/18 12:0 a.m.ā€¢11 views

CVE-2024-52917

Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...

6.9AI score0.00267EPSS
Exploits0References2
CVE
CVEā€¢added 2024/11/18 12:0 a.m.ā€¢51 views

CVE-2024-52917

CVE-2024-52917 affects Bitcoin Core prior to 22.0. The issue is a miniupnp infinite loop where memory is allocated based on random data from the network (e.g., large M-SEARCH replies from a fake UPnP device), potentially causing an unbounded loop. The root cause is in the miniupnp handling within...

6.5CVSS6.6AI score0.00267EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Stormā€¢added 2024/08/31 12:0 a.m.ā€¢229 views

MiniUPnPd 1.4 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MiniUPnPd 1.4 Denial of Service DoS Exploit', 'Description' = %q This module allows remote attackers to cause a denial of service DoS in MiniUPnP...

7.8CVSS7.2AI score0.76396EPSS
Exploits8
Rows per page
Query Builder