CVE-2021-31718

CVE-2021-31718

EPSS 1.0%

The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://framagit.org/medoc92/npupnp https://www.lesbonscomptes.com/upmpdcli/npupnp-doc/libnpupnp.html http://www.openwall.com/lists/oss-security/2021/04/25/2