Miniupnpd Security Vulnerabilities and Issues — Miniupnpd CVE List

Lucene search

Miniupnp ProjectMiniupnpd

11 matches found

CVE•added 2017/05/11 1:29 a.m.•1205 views

CVE-2017-8798

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

9.8CVSS9.5AI score0.27288EPSS

CVE•added 2019/11/01 12:15 p.m.•224 views

CVE-2013-2600

MiniUPnPd has information disclosure use of snprintf()

7.5CVSS7.2AI score0.00493EPSS

CVE•added 2019/05/15 11:29 p.m.•216 views

CVE-2019-12111

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.

7.5CVSS7.1AI score0.0103EPSS

CVE•added 2018/01/03 2:29 p.m.•204 views

CVE-2017-1000494

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd

7.8CVSS7.7AI score0.0017EPSS

CVE•added 2019/05/15 11:29 p.m.•168 views

CVE-2019-12109

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.

7.5CVSS7.1AI score0.00539EPSS

CVE•added 2019/05/15 11:29 p.m.•156 views

CVE-2019-12108

A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

7.5CVSS7.1AI score0.00539EPSS

CVE•added 2019/05/15 11:29 p.m.•148 views

CVE-2019-12106

The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability.

7.5CVSS7.4AI score0.00689EPSS

CVE•added 2013/01/31 9:55 p.m.•96 views

CVE-2013-0229

The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.

7.8CVSS6.7AI score0.74349EPSS

Web

CVE•added 2013/01/31 9:55 p.m.•88 views

CVE-2013-0230

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.

10CVSS8AI score0.80141EPSS

Web

CVE•added 2013/01/31 9:55 p.m.•54 views

CVE-2013-1461

The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-...

7.8CVSS6.6AI score0.80141EPSS

CVE•added 2013/01/31 9:55 p.m.•44 views

CVE-2013-1462

Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability ...

7.8CVSS6.5AI score0.80141EPSS