CVE-2020-13848
- EPSS 3.24%
- Veröffentlicht 04.06.2020 20:15:12
- Zuletzt bearbeitet 21.11.2024 05:01:59
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in gen...
CVE-2016-8863
- EPSS 28.98%
- Veröffentlicht 07.03.2017 16:59:01
- Zuletzt bearbeitet 20.04.2025 01:37:25
Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a valid URI followed...
CVE-2016-6255
- EPSS 56.73%
- Veröffentlicht 07.03.2017 16:59:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler.
- EPSS 88.13%
- Veröffentlicht 31.01.2013 21:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) before 1.6.18 allows remote attackers to execute arbi...
- EPSS 70.13%
- Veröffentlicht 31.01.2013 21:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP Devices (aka libupnp, formerly the Intel SDK for UPnP devices) 1.3.1 allows remote attackers to execute arbitrary co...