libupnp · Portable UPnP SDK · CVE-2016-8863
**Name of the Vulnerable Software and Affected Versions**
Portable UPnP SDK (aka libupnp) versions prior to 1.6.21
**Description**
The issue is a heap-based buffer overflow in the `create_url_list` function. It can be triggered by sending a valid URI followed by an invalid one in the CALLBACK header of a SUBSCRIBE request, potentially allowing remote attackers to cause a denial of service or possibly execute arbitrary code.
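
A detection-side check for the request shape described above, as an added example that is not part of this advisory or of libupnp: it extracts the `<...>` entries from the CALLBACK header of a SUBSCRIBE request and flags a valid URI followed by an invalid one. The validity rule (absolute `http` URL with a host and a numeric port) and the sample requests are assumptions constructed for illustration; libupnp's own URI parser may judge entries differently.

```python
import re
from urllib.parse import urlsplit

ENTRY = re.compile(r"<([^<>]*)>")  # CALLBACK value is a run of <url> entries


def callback_entries(request: str) -> list[str]:
    """Return the <...> entries of a SUBSCRIBE request's CALLBACK header."""
    lines = request.replace("\r\n", "\n").split("\n")
    if not lines[0].upper().startswith("SUBSCRIBE "):
        return []
    for line in lines[1:]:
        if line == "":  # blank line ends the header block
            break
        name, _, value = line.partition(":")
        if name.strip().upper() == "CALLBACK":
            return ENTRY.findall(value)
    return []


def looks_valid(uri: str) -> bool:
    """Assumed rule: absolute http URL with a host and a numeric port, if any."""
    try:
        parts = urlsplit(uri)
        parts.port  # raises ValueError for a non-numeric or out-of-range port
    except ValueError:
        return False
    return parts.scheme == "http" and bool(parts.hostname)


def valid_then_invalid(request: str) -> bool:
    """True when a valid CALLBACK entry is followed by an invalid one."""
    seen_valid = False
    for uri in callback_entries(request):
        if looks_valid(uri):
            seen_valid = True
        elif seen_valid:
            return True
    return False


# Constructed sample requests (documentation address range, made-up paths).
HEAD = "SUBSCRIBE /event HTTP/1.1\r\nHOST: 192.0.2.1:49152\r\nCALLBACK: "
TAIL = "\r\nNT: upnp:event\r\nTIMEOUT: Second-1800\r\n\r\n"
NORMAL = HEAD + "<http://192.0.2.10:8080/notify>" + TAIL
SUSPECT = HEAD + "<http://192.0.2.10:8080/notify><not-a-uri>" + TAIL

if __name__ == "__main__":
    for label, req in (("normal", NORMAL), ("suspect", SUSPECT)):
        print(label, callback_entries(req), valid_then_invalid(req))
```

A match means the request has the shape named in the description, not that the receiving device is running an affected version.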
**Recommendations**
For versions prior to 1.6.21, update to version 1.6.21 or later to resolve the issue.