11 matches found
EUVD-2015-3067
Malware in sbrugna...
Code injection
I-O DATA DEVICE WN-G54/R2 routers with firmware before 1.03 and NP-BBRS routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
CVE-2015-2984
CVE-2015-2984 applies to I-O DATA DEVICE NP-BBRS and WN-G54/R2 routers. The UPnP functionality allows remote attackers to cause a denial of service via SSDP requests (DDoS risk). Affected: NP-BBRS (all firmware versions) and WN-G54/R2 (pre‑1.03). Remediation: WN-G54/R2 firmware 1.03 fixes the iss...
Multiple I-O DATA LAN routers vulnerable in UPnP functionality
Overview A wired LAN router NP-BBRS and a wireless LAN router WN-G54/R2 provided by I-O DATA DEVICE, INC. contain a vulnerability in the UPnP functionality. Impact The device may be used in a DDoS attack, as a SSDP reflector. Solution For NP-BBRS: Do not use NP-BBRS The developer has stated that...
INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service
INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service !/usr/bin/perl miniupnpd/1.0 remote denial of service exploit Copyright 2015 c Todor Donev [email protected] http://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg The SSDP protocol can discover Plug & Play devices, with...
CVE-2015-0869
I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
Code injection
I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
CVE-2015-0869
The CVE-2015-0869 entry concerns I-O DATA DEVICE NP-BBRM routers. A vulnerability in the UPnP functionality allows remote attackers to cause a denial of service via SSDP reflection by sending UPnP requests. Affected product: NP-BBRM router. Impact: potential DoS through SSDP reflection. CVSS metr...
CVE-2015-0869
I-O DATA DEVICE NP-BBRM routers allow remote attackers to cause a denial of service SSDP reflection via UPnP requests...
Updated MythTV packages to harden against SSDP reflection attacks
Updated MythTV packages to harden against SSDP reflection attacks MythTV's UPNP component was suseptable to SSDP reflection attacks and has been hardened to disallow SSDP device discovery from non-local addresses as mitigation. Additionally, a popular schedules retrieval service, Schedules Direct...
MGASA-2014-0435 Updated MythTV packages to harden against SSDP reflection attacks
Updated MythTV packages to harden against SSDP reflection attacks MythTV's UPNP component was suseptable to SSDP reflection attacks and has been hardened to disallow SSDP device discovery from non-local addresses as mitigation. Additionally, a popular schedules retrieval service, Schedules Direct...