logo
DATABASE RESOURCES PRICING ABOUT US

Remote Code Execution (RCE)

Description

MiniDLNA is vulnerable to remote code execution. An attacker is able to send a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.


Affected Software


CPE Name Name Version
minidlna:buster 1.2.1+dfsg-1+b2
minidlna:buster 1.2.1+dfsg-1+b1
minidlna:3.12 1.2.1-r1
minidlna:sid 1.2.1+dfsg-2
minidlna:bullseye 1.2.1+dfsg-2
minidlna:focal 1.2.1+dfsg-1build1
minidlna:edge 1.2.1-r1

Related