Lucene search
K

52 matches found

NVD
NVD
•added 2026/01/21 6:16 p.m.•13 views

CVE-2021-47854

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS0.00975EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
•added 2026/01/21 5:27 p.m.•3 views

CVE-2021-47854

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS6.1AI score0.00975EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
•added 2026/01/21 5:27 p.m.•21 views

CVE-2021-47854 DD-WRT 45723 - UPNP Buffer Overflow

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS0.00975EPSS
Exploits0References5
EUVD
EUVD
•added 2026/01/21 5:27 p.m.•3 views

EUVD-2026-3629

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS6.4AI score0.00975EPSS
Exploits0References9
CVE
CVE
•added 2026/01/21 5:27 p.m.•17 views

CVE-2021-47854

CVE-2021-47854 affects DD-WRT 45723 and describes a buffer overflow in the UPNP network discovery service. The vulnerability is triggered by receiving crafted M-SEARCH packets with oversized UUID payloads, which can lead to remote code execution on the targeted device. The CVSS metrics indicate a...

9.8CVSS6.4AI score0.00975EPSS
Exploits0References5
Positive Technologies
Positive Technologies
•added 2026/01/21 12:0 a.m.•10 views

PT-2026-3807

DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target devi...

9.8CVSS6.4AI score0.00975EPSS
Exploits0References6
EUVD
EUVD
•added 2025/10/07 12:30 a.m.•7 views

EUVD-2019-10771

Malware in sbrugna...

10CVSS9.2AI score0.03673EPSS
Exploits0References6
EUVD
EUVD
•added 2025/10/07 12:30 a.m.•5 views

EUVD-2019-10770

Malware in sbrugna...

10CVSS9.2AI score0.03673EPSS
Exploits0References6
EUVD
EUVD
•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-54344

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00667EPSS
Exploits1References2
RedhatCVE
RedhatCVE
•added 2025/05/22 9:24 p.m.•6 views

CVE-2021-29379

An issue was discovered on D-Link DIR-802 A1 devices through 1.00b05. Universal Plug and Play UPnP is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target ST field of the SSDP M-SEARCH discover packet. NOTE: This vulnerability on...

8.8CVSS7.6AI score0.035EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2025/05/22 8:37 p.m.•5 views

CVE-2021-35392

Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or miniupnpd and is the successor to miniigd. The server is vulnerable to a heap buffer overflow that is present due to unsafe...

7.8CVSS7.4AI score0.8315EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2025/04/02 1:29 a.m.•22 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

9.8CVSS7.7AI score0.00667EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
•added 2025/04/01 12:0 a.m.•8 views

The vulnerability of the advertise_res() function in the UPnP service of Netgear’s WNR854T router allows a hacker to execute arbitrary code.

The vulnerability of the advertiseres function of the UPnP service involves an escape from the buffer boundaries in memory when processing the M-SEARCH request header value. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by sending specially crafted M-SEARCH...

8.3CVSS6.3AI score0.01619EPSS
Exploits1References2Affected Software1
OSV
OSV
•added 2025/03/31 9:15 p.m.•3 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

9.8CVSS6.2AI score
Exploits0References1
NVD
NVD
•added 2025/03/31 9:15 p.m.•21 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

9.8CVSS0.00667EPSS
Exploits1References1
Cvelist
Cvelist
•added 2025/03/31 12:0 a.m.•17 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

0.00667EPSS
Exploits1References1
Vulnrichment
Vulnrichment
•added 2025/03/31 12:0 a.m.•12 views

CVE-2024-54802

In Netgear WNR854T 1.5.2 North America, the UPNP service /usr/sbin/upnp is vulnerable to stack-based buffer overflow in the M-SEARCH Host header...

7.6AI score0.00667EPSS
Exploits1References1
Vulnrichment
Vulnrichment
•added 2024/11/18 12:0 a.m.•11 views

CVE-2024-52917

Bitcoin Core before 22.0 has a miniupnp infinite loop in which it allocates memory on the basis of random data received over the network, e.g., large M-SEARCH replies from a fake UPnP device...

6.9AI score0.00267EPSS
Exploits0References2
CVE
CVE
•added 2024/11/18 12:0 a.m.•56 views

CVE-2024-52917

CVE-2024-52917 affects Bitcoin Core prior to 22.0. The issue is a miniupnp infinite loop where memory is allocated based on random data from the network (e.g., large M-SEARCH replies from a fake UPnP device), potentially causing an unbounded loop. The root cause is in the miniupnp handling within...

6.5CVSS6.6AI score0.00267EPSS
Exploits0References2Affected Software1
Packet Storm
Packet Storm
•added 2024/08/31 12:0 a.m.•233 views

MiniUPnPd 1.4 Denial of Service

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MiniUPnPd 1.4 Denial of Service DoS Exploit', 'Description' = %q This module allows remote attackers to cause a denial of service DoS in MiniUPnP...

7.8CVSS7.2AI score0.76396EPSS
Exploits8
Rows per page
Query Builder