PT-2024-34636 · Minidlna+1 · Minidlna+1

Matthew Selbrede · Published 2024-12-31 · Updated 2025-01-10 · CVE-2024-51442

CVSS v3.1: 8.8 High

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Minidlna versions v1.3.3 and earlier

Description

The issue allows an attacker to execute arbitrary OS commands via a specially crafted minidlna.conf configuration file. This is due to command injection in Minidlna, where an attacker can exploit improper neutralization of special elements used in a command.

Recommendations

For Minidlna versions v1.3.3 and earlier, update to a version later than v1.3.3 to resolve the issue. As a temporary workaround, consider restricting access to the minidlna.conf configuration file to minimize the risk of exploitation.
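
One way to check the workaround above, as an added example that is not part of the advisory or of Minidlna: a POSIX shell audit that reports when the configuration file, or the directory holding it, can be modified by anyone other than the expected owner. The path /etc/minidlna.conf, the owner root, and the function names are assumptions.

```shell
#!/bin/sh
# Added example: audit who can modify a minidlna configuration file.
# Assumed, not from the advisory: default path /etc/minidlna.conf, owner root.

# Succeeds if the group or other write bit is set on PATH.
writable_by_others() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Succeeds if PATH is owned by USER (name or numeric uid).
owned_by() {
    [ -n "$(find "$1" -prune -user "$2" -print)" ]
}

# audit_conf PATH [OWNER]: prints findings, returns the number of findings.
audit_conf() {
    conf=$1
    owner=${2:-root}
    dir=$(dirname "$conf")
    findings=0

    # A symlink or special file would make the checks below miss the real target.
    if [ -L "$conf" ] || [ ! -f "$conf" ]; then
        echo "FINDING: $conf is a symlink, missing, or not a regular file"
        return 1
    fi
    if ! owned_by "$conf" "$owner"; then
        echo "FINDING: $conf is not owned by $owner"
        findings=$((findings + 1))
    fi
    if writable_by_others "$conf"; then
        echo "FINDING: $conf is group- or world-writable"
        findings=$((findings + 1))
    fi
    # Write access to the directory can allow the file to be replaced.
    if ! owned_by "$dir" "$owner" || writable_by_others "$dir"; then
        echo "FINDING: $dir is not owned by $owner or is group/world-writable"
        findings=$((findings + 1))
    fi
    return "$findings"
}

# Stand-alone use: sh audit.sh /etc/minidlna.conf root
if [ "$#" -gt 0 ]; then audit_conf "$@"; fi
```

A non-zero exit status means at least one finding; tightening the file to mode 644 (or stricter) with the expected owner clears the file-level findings.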

Exploit

Fix

Command Injection

Weakness Enumeration

Related Identifiers

CVE-2024-51442

Affected Products

Debian
Minidlna