logo
DATABASE RESOURCES PRICING ABOUT US

ReadyMedia (MiniDLNA) vulnerabilities

Description

It was discovered that ReadyMedia (MiniDLNA) allowed subscription requests with a delivery URL on a different network segment than the fully qualified event- subscription URL. An attacker could use this to hijack smart devices and cause denial of service attacks. (CVE-2020-12695) It was discovered that ReadyMedia (MiniDLNA) allowed remote code execution. A remote attacker could send a malicious UPnP HTTP request to the service using HTTP chunked encoding and cause a denial of service. (CVE-2020-28926)


Affected Package


OS OS Version Package Name Package Version
Ubuntu 20.10 minidlna 1.2.1+dfsg-2ubuntu0.1
Ubuntu 20.04 minidlna 1.2.1+dfsg-1ubuntu0.20.04.1
Ubuntu 20.04 minidlna-dbgsym 1.2.1+dfsg-1ubuntu0.20.04.1
Ubuntu 18.04 minidlna 1.2.1+dfsg-1ubuntu0.18.04.1
Ubuntu 18.04 minidlna-dbgsym 1.2.1+dfsg-1ubuntu0.18.04.1
Ubuntu 16.04 minidlna 1.1.5+dfsg-2ubuntu0.1
Ubuntu 16.04 minidlna-dbgsym 1.1.5+dfsg-2ubuntu0.1

Related