CVE-2021-35392

Name of the Vulnerable Software and Affected Versions Realtek Jungle SDK versions v2.x up to v3.4.14B

Description The issue is caused by a heap buffer overflow in the WiFi Simple Config server, which implements both UPnP and SSDP protocols. This overflow is due to the unsafe crafting of SSDP NOTIFY messages from received M-SEARCH messages ST header. An attacker, acting remotely, can exploit this issue by sending specially crafted messages, potentially allowing them to execute arbitrary code.

Recommendations For Realtek Jungle SDK versions v2.x up to v3.4.14B, consider disabling the wscd or mini upnpd binary until a patch is available to prevent exploitation of the heap buffer overflow vulnerability. Restrict access to the SSDP protocol to minimize the risk of receiving maliciously crafted SSDP NOTIFY messages. Avoid using the WiFi Simple Config server until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.