Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
10
CVSSv2

CVE-2013-0230

Published: 31/01/2013 Updated: 08/12/2016
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Miniupnpd

Vulnerability Summary

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote malicious users to execute arbitrary code via a long quoted method.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

miniupnp project miniupnpd 1.0

Exploits

Exploit DB: MiniUPnPd 1.0 (MIPS) - Remote Stack Overflow Remote Code Execution for AirTies RT Series
#!/usr/bin/env python # Exploit Title: MiniUPnPd 10 Stack Overflow RCE for AirTies RT Series # Date: 26042015 # Exploit Author: Onur ALANBEL (BGA) # Vendor Homepage: miniupnpfreefr/ # Version: 10 # Architecture: MIPS # Tested on: AirTies RT-204v3 # CVE : 2013-0230 # Exploit gives a reverse shell to lhost:lport # Details: wwwe ...
Exploit DB: MiniUPnPd 1.0 - Remote Stack Buffer Overflow Remote Code Execution (Metasploit)
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # web site for more information on licensing and terms of use # metasploitcom/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote include Msf::Exploit::Remote::HttpClient Ra ...
Exploit DB: INFOMARK IMW-C920W MiniUPnPd 1.0 - Denial of Service
#!/usr/bin/perl # # miniupnpd/10 remote denial of service exploit # # Copyright 2015 (c) Todor Donev # todordonev@gmailcom # wwwethical-hackerorg/ # wwwfacebookcom/ethicalhackerorg # # The SSDP protocol can discover Plug & Play devices, # with uPnP (Universal Plug and Play) SSDP is HTTP # like protocol and work ...
Exploit DB: MiniUPnPd 1.0 Stack Overflow
MiniUPnPd version 10 stack overflow remote code execution exploit for AirTies RT Series Provides a reverse shell ...
Exploit DB: MiniUPNPd 1.0 Remote Denial Of Service
MiniUPNPd version 10 remote denial of service exploit ...

Github Repositories

https://github.com/lochiiconnectivity/vulnupnp

Discover uPNP devices vulnerable to CVE-2013-0229 / CVE-2013-0230 / CVE-2012-5958 / CVE-2012-5959

vulnupnp Discover uPNP devices vulnerable to CVE-2013-0229 / CVE-2013-0230 / CVE-2012-5958 / CVE-2012-5959

References

CWE-119https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdfhttps://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-playhttps://community.rapid7.com/servlet/servlet.FileDownload?file=00P1400000cCaFbhttps://www.exploit-db.com/exploits/36839/http://www.securityfocus.com/bid/57608https://nvd.nist.govhttps://github.com/lochiiconnectivity/vulnupnphttps://www.exploit-db.com/exploits/36839/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30924CVE-2024-3400overflowCVE-2024-23528CVE-2024-21338CVE-2024-3818CVE-2024-23535NULL pointer dereferenceelevation of privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook