CVE-2017-8798

CRITICAL

MiniUPnP MiniUPnPc 1.4.20101221-2.0 - Denial of Service via Integer Signedness Error

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2017-8798. PoCs published by tintinweb, not-tlynch.

AI-analyzed exploit summary The exploit demonstrates an integer signedness error in miniupnpc's `getHTTPResponse` function, allowing remote attackers to trigger a denial of service (DoS) via a crafted chunked-encoded HTTP response with a negative chunk length. The PoC leverages SSDP discovery to direct UPnP clients to a malicious server, which then sends the malformed response to exploit the vulnerability.

Description

Integer signedness error in MiniUPnP MiniUPnPc v1.4.20101221 through v2.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact.

Exploits (2)

exploitdb WORKING POC

by tintinweb · textdosmultiple

https://www.exploit-db.com/exploits/43501

View Code ZIP pw:eip

The exploit demonstrates an integer signedness error in miniupnpc's `getHTTPResponse` function, allowing remote attackers to trigger a denial of service (DoS) via a crafted chunked-encoded HTTP response with a negative chunk length. The PoC leverages SSDP discovery to direct UPnP clients to a malicious server, which then sends the malformed response to exploit the vulnerability.

Classification

Working Poc 100%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: miniupnpc v2.0 and earlier (>= v1.4.20101221)

No auth needed

Prerequisites: Network access to the target's local segment · UPnP client actively performing SSDP discovery

MITRE ATT&CK

T1499.004 - Application or System Exploitation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WRITEUP

by not-tlynch · poc

https://github.com/not-tlynch/home-network-security-assessment

View Code ZIP pw:eip

This repository documents a security assessment identifying CVE-2017-8798 on an internet-facing UPnP service, detailing Nmap methodology and Suricata rules for monitoring port 1900 traffic. It does not contain exploit code but provides technical context around detection and monitoring.

Classification

Writeup 80%

Attack Type

Other

Complexity

Moderate

Reliability

Theoretical

Target: UPnP service (unspecified version)

No auth needed

Prerequisites: internet-facing UPnP service · Nmap for scanning · Suricata for traffic monitoring

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Jun 02, 2026 Full analysis →

References (3)

Core 3

Core References

Release Notes, Vendor Advisory x_refsource_misc

http://miniupnp.free.fr/files/changelog.php?file=miniupnpc-2.0.20170509.tar.gz

Exploit, Third Party Advisory x_refsource_misc

https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-8798

Mailing List mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2020/04/msg00027.html

Scores

CVSS v3 9.8

EPSS 0.2403

EPSS Percentile 97.6%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (6)

miniupnp_project/miniupnpd 1.4

miniupnp_project/miniupnpd 1.5

miniupnp_project/miniupnpd 1.7

miniupnp_project/miniupnpd 1.8

miniupnp_project/miniupnpd 1.9

miniupnp_project/miniupnpd 2.0

Published May 11, 2017

Tracked Since Feb 18, 2026