3 matches found
CVE-2018-13416
In Universal Media Server UMS 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing XXE attack. Remote, unauthenticated attackers can use this vulnerability to: 1 Access arbitrary files from the filesystem with the same permission as the user...
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML...
Universal Media Server 7.1.0 - SSDP Processing XML External Entity Injection
Issue: Out-of-Band XXE in Universal Media Server's SSDP Processing Reserved CVE: CVE-2018-13416 Vulnerability Overview The XML parsing engine for Universal Media Server's SSDP/UPNP functionality is vulnerable to an XML External Entity Processing XXE attack. Unauthenticated attackers on the same L...