PT-2020-6255 · Libupnp+3 · Portable Upnp Sdk+3

Pjlantz

Published

2020-06-04

Updated

2021-04-07

CVE-2020-13848

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Portable UPnP SDK (aka libupnp) versions 1.12.1 and earlier

Description The issue is related to a NULL pointer dereference in the FindServiceControlURLPath and FindServiceEventURLPath functions, which can be exploited by remote attackers to cause a denial of service (crash) via a crafted SSDP message. This is due to errors in pointer handling within the library.

Recommendations For Portable UPnP SDK (aka libupnp) versions 1.12.1 and earlier, consider disabling the FindServiceControlURLPath and FindServiceEventURLPath functions as a temporary workaround until a patch is available. Restrict access to the genlib/service table/service table.c module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALT-PU-2020-2830

BDU:2021-03726

CVE-2020-13848

DLA-2238-1

DLA-2585-1

MGASA-2020-0270

OESA-2021-1142

OPENSUSE-SU-2020:0805-1

OPENSUSE-SU-2020:0821-1

OPENSUSE-SU-2020_0805-1

Affected Products

Alt Linux

Debian

Portable Upnp Sdk

Suse

PT-2020-6255 · Libupnp+3 · Portable Upnp Sdk+3

CVE-2020-13848

Weakness Enumeration

Related Identifiers

Affected Products

References · 36