← back
CVE-2019-12106

CVE-2019-12106

EPSS 2.8%
The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/miniupnp/miniupnp/commit/cd506a67e174a45c6a202eff182a712955ed6d6fhttps://lists.debian.org/debian-lts-announce/2019/05/msg00037.htmlhttps://www.vdoo.com/blog/security-issues-discovered-in-miniupnp