CVE-2013-0229

EXPLOITED

Miniupnpd < 1.3 - Denial of Service

Title source: rule

Description

The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.

Exploits (5)

exploitdb WORKING POC VERIFIED

by Rapid7 · textdosmultiple

https://www.exploit-db.com/exploits/38249

View Code ZIP pw:eip

nomisec SCANNER 1 stars

by lochiiconnectivity · poc

https://github.com/lochiiconnectivity/vulnupnp

View Code ZIP pw:eip

exploitdb WORKING POC

perldoshardware

https://www.exploit-db.com/exploits/37517

View Code ZIP pw:eip

metasploit WORKING POC

by hdm, Dejan Lukan · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/upnp/miniupnpd_dos.rb

View Code ZIP pw:eip

metasploit SCANNER

by todb, hdm · rubypoc

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/upnp/ssdp_msearch.rb

View Code ZIP pw:eip

References (3)

[Third Party Advisory] https://community.rapid7.com/community/infosec/blog/2013/01/29/security-flaws-in-universal-plug-and-play-unplug-dont-play

[Third Party Advisory] https://community.rapid7.com/servlet/JiveServlet/download/2150-1-16596/SecurityFlawsUPnP.pdf

[Third Party Advisory] https://community.rapid7.com/servlet/servlet.FileDownload?file=00P1400000cCaFb

Scores

EPSS 0.7435

EPSS Percentile 98.9%

Details

VulnCheck KEV 2018-07-13

Status published

Products (4)

miniupnp_project/miniupnpd 1.0

miniupnp_project/miniupnpd 1.1

miniupnp_project/miniupnpd 1.2

miniupnp_project/miniupnpd < 1.3

Published Jan 31, 2013

Tracked Since Feb 18, 2026