CVE-2021-31718

CVE-2021-31718

EPSS 1.0%

The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://framagit.org/medoc92/npupnp https://www.lesbonscomptes.com/upmpdcli/npupnp-doc/libnpupnp.html http://www.openwall.com/lists/oss-security/2021/04/25/2