Miniupnp Project Miniupnpd — known CVE vulnerabilities
Every CVE whose affected-product data names Miniupnp Project Miniupnpd, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2013-0230 — CVSS 10.0 (critical): Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0…
CVE-2017-8798 — CVSS 9.8 (critical): Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly…
CVE-2026-5720 — CVSS 9.1 (critical): miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of…
CVE-2013-1462 — CVSS 7.8 (high): Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows…
CVE-2017-1000494 — CVSS 7.8 (high): Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause…
CVE-2013-1461 — CVSS 7.8 (high): The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a…
CVE-2013-0229 — CVSS 7.8 (high): The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a…
CVE-2019-12106 — CVSS 7.5 (high): The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After…
CVE-2019-12108 — CVSS 7.5 (high): A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout…
CVE-2019-12109 — CVSS 7.5 (high): A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout…
CVE-2019-12111 — CVSS 7.5 (high): A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in…