CVE-2021-31718

CVE-2021-31718

EPSS 1.0%

The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution.

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://framagit.org/medoc92/npupnp https://www.lesbonscomptes.com/upmpdcli/npupnp-doc/libnpupnp.html http://www.openwall.com/lists/oss-security/2021/04/25/2