Libupnp Project Libupnp — known CVE vulnerabilities
Every CVE whose affected-product data names Libupnp Project Libupnp, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2012-5958 — CVSS 10.0 (critical): Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP…
CVE-2012-5961 — CVSS 10.0 (critical): Stack-based buffer overflow in the unique_service_name function in ssdp/ssdp_server.c in the SSDP parser in the portable SDK for UPnP…
CVE-2016-8863 — CVSS 9.8 (critical): Heap-based buffer overflow in the create_url_list function in gena/gena_device.c in Portable UPnP SDK (aka libupnp) before 1.6.21 allows…
CVE-2016-6255 — CVSS 7.5 (high): Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without…
CVE-2020-13848 — CVSS 7.5 (high): Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message…