Miniupnp Project Miniupnpd vulnerabilities

14 known vulnerabilities affecting miniupnp_project/miniupnpd.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

CRITICAL2HIGH12

Vulnerabilities

Page 1 of 1

CVE-2026-5720HIGHCVSS 7.1fixed in 2.3.102026-04-17

CVE-2026-5720 [HIGH] CWE-125 CVE-2026-5720: miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remot miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting improper length validation in ParseHttpHeaders(), where the p

nvd

CVE-2013-2600HIGHCVSS 7.5v1.82019-11-01

CVE-2013-2600 [HIGH] CWE-200 CVE-2013-2600: MiniUPnPd has information disclosure use of snprintf() MiniUPnPd has information disclosure use of snprintf()

nvdosv

CVE-2019-12109HIGHCVSS 7.5≤ 2.12019-05-15

CVE-2019-12109 [HIGH] CWE-476 CVE-2019-12109: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer der A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port.

nvdosv

CVE-2019-12110HIGHCVSS 7.5≥ 0, < 2.1-62019-05-15

CVE-2019-12110 [HIGH] CVE-2019-12110: An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2 An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in upnpredirect.c.

osv

CVE-2019-12111HIGHCVSS 7.5≤ 2.12019-05-15

CVE-2019-12111 [HIGH] CWE-476 CVE-2019-12111: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer der A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c.

nvdosv

CVE-2019-12107HIGHCVSS 7.5≥ 0, < 2.1-62019-05-15

CVE-2019-12107 [HIGH] CVE-2019-12107: The upnp_event_prepare function in upnpevents The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd through 2.1 allows a remote attacker to leak information from the heap due to improper validation of an snprintf return value.

osv

CVE-2019-12108HIGHCVSS 7.5≤ 2.12019-05-15

CVE-2019-12108 [HIGH] CWE-476 CVE-2019-12108: A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer der A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port.

nvdosv

CVE-2019-12106HIGHCVSS 7.5v1.4v1.52019-05-15

CVE-2019-12106 [HIGH] CWE-416 CVE-2019-12106: The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability.

nvd

CVE-2017-1000494HIGHCVSS 7.8fixed in 2.02018-01-03

CVE-2017-1000494 [HIGH] CWE-119 CVE-2017-1000494: Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact

nvdosv

CVE-2017-8798CRITICALCVSS 9.8PoCv1.4v1.5+4 more2017-05-11

CVE-2017-8798 [CRITICAL] CWE-119 CVE-2017-8798: Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

nvd

CVE-2013-0230CRITICALCVSS 10.0PoCv1.02013-01-31

CVE-2013-0230 [CRITICAL] CWE-119 CVE-2013-0230: Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.

nvd

CVE-2013-1462HIGHCVSS 7.8v1.02013-01-31

CVE-2013-1462 [HIGH] CVE-2013-1462: Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP ser Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230.

nvd

CVE-2013-0229HIGHCVSS 7.8PoC≤ 1.3v1.0+2 more2013-01-31

CVE-2013-0229 [HIGH] CVE-2013-0229: The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 a The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.

nvd

CVE-2013-1461HIGHCVSS 7.8v1.02013-01-31

CVE-2013-1461 [HIGH] CVE-2013-1461: The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1 The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230.

nvd