A NULL-pointer dereference has been found in libupnp <= 1.12.1, in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c, allowing a remote attacker to cause a denial of service (crash) via a crafted SSDP message.
A NULL-pointer dereference has been found in libupnp <= 1.12.1, in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c, allowing a remote attacker to cause a denial of service (crash) via a crafted SSDP message.
https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0