CVE-2013-0230

EXPLOITED

Miniupnpd - Memory Corruption

Title source: rule

Description

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method.

Exploits (4)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/25975
exploitdb WORKING POC
by Todor Donev · perldoshardware
https://www.exploit-db.com/exploits/37517
exploitdb WORKING POC
by Onur Alanbel (BGA) · pythonremotemultiple
https://www.exploit-db.com/exploits/36839
metasploit WORKING POC NORMAL
by hdm, Dejan Lukan, Onur ALANBEL · rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/upnp/miniupnpd_soap_bof.rb

References (5)

Scores

EPSS 0.6594
EPSS Percentile 98.5%

Details

VulnCheck KEV 2018-07-13
CWE
CWE-119
Status published
Products (1)
miniupnp_project/miniupnpd 1.0
Published Jan 31, 2013
Tracked Since Feb 18, 2026