EPSS
Percentile
94.0%
MiniDLNA is vulnerable to remote code execution. An attacker is able to send a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.
lists.debian.org/debian-lts-announce/2020/12/msg00017.html
security-tracker.debian.org/tracker/CVE-2020-28926
sourceforge.net/projects/minidlna/
www.debian.org/security/2020/dsa-4806
www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/