CVE-2019-12611

Name of the Vulnerable Software and Affected Versions Bitdefender BOX firmware versions prior to 2.1.37.37-34

Description An issue affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation result in the device allocating memory without freeing it later. This behavior can cause the miniupnpd component to crash or trigger a device reboot.

Recommendations For versions prior to 2.1.37.37-34, update to version 2.1.37.37-34 or later to resolve the issue. As a temporary workaround, consider restricting access to the miniupnpd component to minimize the risk of exploitation.