CVE-2013-2600Sensitive Information Exposure in Miniupnpd

CWE-200Sensitive Information Exposure7 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 34.27%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Miniupnp Project MiniupnpdDebian MiniupnpdDebian Linux
Timeline
PublishedNov 1
Latest updateMay 5

Description

MiniUPnPd has information disclosure use of snprintf()

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

debiandebian/miniupnpd< miniupnpd 1.8.20130730-1 (bookworm)
Debianminiupnp_project/miniupnpd< 1.8.20130730-1+3

Also affects: Debian Linux 10.0, 8.0, 9.0

🔴Vulnerability Details

2
GHSA
GHSA-2xjx-3p25-hm8x: MiniUPnPd has information disclosure use of snprintf()2022-05-05
OSV
CVE-2013-2600: MiniUPnPd has information disclosure use of snprintf()2019-11-01

💥Exploits & PoCs

1
Exploit-DB
Elemata CMS RC3.0 - 'global.php?id' SQL Injection2013-06-24

📋Vendor Advisories

1
Debian
CVE-2013-2600: miniupnpd - MiniUPnPd has information disclosure use of snprintf()2013

💬Community

2
Bugzilla
CVE-2013-2600 miniupnpd: information disclosuer in snprinf() [fedora-all]2019-11-05
Bugzilla
CVE-2013-2600 miniupnpd: information disclosuer in snprinf()2019-11-05