CVE-2024-54807

In Netgear WNR854T 1.5.2 North America, the UPNP service is vulnerable to command injection in the function addmapexec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request f...

Realtek SDK Improper Input Validation Vulnerability

Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request...

K57390658: miniigd SOAP service in Realtek SDK vulnerability CVE-2014-8361

Security Advisory Description The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request. CVE-2014-8361 Impact There is no impact; F5 products are not affected by this vulnerability. Security Advisory Status F5 Product...

CVE-2022-35880

Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicio...

Design/Logic Flaw

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023...

VulnCheck KEV: CVE-2014-8361

Realtek SDK contains an improper input validation vulnerability in the miniigd SOAP service that allows remote attackers to execute malicious code via a crafted NewInternalClient request...

CVE-2014-8361

CVE-2014-8361 affects Realtek SDK’s miniigd UPnP SOAP service. The root cause is improper input validation in the NewInternalClient handling, enabling a remote attacker to execute arbitrary code. The description notes exploitation in the wild through 2023. Related sources indicate this vulnerabil...

CVE-2014-8361

The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request, as exploited in the wild through 2023...

(0Day) Realtek SDK miniigd AddPortMapping SOAP Action Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the Realtek SDK. Authentication is not required to exploit this vulnerability. The specific flaw exists within the miniigd SOAP service. The issue lies in the handling of the NewInternalClient...

PT-2014-2053

Name of the Vulnerable Software and Affected Versions Realtek SDK affected versions not specified Description The issue is related to the miniigd SOAP service in Realtek SDK, which allows remote attackers to execute arbitrary code via a crafted NewInternalClient request. This has been exploited i...