This page lists publicly disclosed CVE vulnerabilities affecting miniupnp_project miniupnpd (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2026-5720 | miniupnpd contains an integer underflow vulnerability in SOAPAction header parsing that allows remote attackers to cause a denial of service or information disclosure by sending a malformed SOAPAction header with a single quote. Attackers can trigger an out-of-bounds memory read by exploiting improper length validation in ParseHttpHeaders(), where the parsed length underflows to a large unsigned value when passed to memchr(), causing the process to scan memory far beyond the allocated HTTP reque | [email protected] | 7.1 | 0.05% | 2026-04-17 | 2026-05-11 |
| CVE-2013-2600 | MiniUPnPd has information disclosure use of snprintf() | [email protected] | 7.5 | 0.49% | 2019-11-01 | 2024-11-21 |
| CVE-2019-12111 | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in copyIPv6IfDifferent in pcpserver.c. | [email protected] | 7.5 | 1.16% | 2019-05-15 | 2024-11-21 |
| CVE-2019-12109 | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for rem_port. | [email protected] | 7.5 | 0.54% | 2019-05-15 | 2024-11-21 |
| CVE-2019-12108 | A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 exists due to a NULL pointer dereference in GetOutboundPinholeTimeout in upnpsoap.c for int_port. | [email protected] | 7.5 | 0.54% | 2019-05-15 | 2024-11-21 |
| CVE-2019-12106 | The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability. | [email protected] | 7.5 | 0.65% | 2019-05-15 | 2024-11-21 |
| CVE-2017-1000494 | Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact | [email protected] | 7.8 | 0.08% | 2018-01-03 | 2024-11-21 |
| CVE-2017-8798 | Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact. | [email protected] | 9.8 | 24.38% | 2017-05-11 | 2026-05-13 |
| CVE-2013-1462 | Integer signedness error in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (incorrect memory copy) via a SOAPAction header that lacks a " (double quote) character, a different vulnerability than CVE-2013-0230. | [email protected] | 7.8 | 0.69% | 2013-01-31 | 2026-04-29 |
| CVE-2013-1461 | The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230. | [email protected] | 7.8 | 0.69% | 2013-01-31 | 2026-04-29 |
| CVE-2013-0230 | Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method. | [email protected] | 10.0 | 65.94% | 2013-01-31 | 2026-04-29 |
| CVE-2013-0229 | The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read. | [email protected] | 7.8 | 74.35% | 2013-01-31 | 2026-04-29 |