Vulnerabilities (CVE)

Filtered by vendor Libupnp Project Subscribe

Filtered by product Libupnp

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-13848	2 Debian, Libupnp Project	2 Debian Linux, Libupnp	2021-03-08	5.0 MEDIUM	7.5 HIGH
Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c.
CVE-2016-6255	2 Debian, Libupnp Project	2 Debian Linux, Libupnp	2017-11-03	5.0 MEDIUM	7.5 HIGH
Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler.