What is CVE-2013-0229?

CVE-2013-0229 is a vulnerability in Miniupnp_project Miniupnpd. Published 2013-01-31.

Is CVE-2013-0229 known to be exploited?

7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Miniupnp_project Miniupnpd

CVE-2013-0229

The ProcessSSDPRequest function in minissdp.c in the SSDP handler in MiniUPnP MiniUPnPd before 1.4 allows remote attackers to cause a denial of service (service crash) via a crafted request that triggers a buffer over-read.

EPSS: 0.743 (98.9th percentile) — read the EPSS interpretation.

Affected products

Miniupnp_project Miniupnpd — versions 1.0, 1.1, 1.2
N/a — versions n/a

Public proof-of-concept exploits

lochiiconnectivity/vulnupnp
rapid7/metasploit-framework
rapid7/metasploit-framework
CVEDB/awesome-cve-repo
ARPSyndicate/cvemon
ARPSyndicate/cve-scores
CVEDB/PoC-List

References

secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_MISC)
secalert@redhat.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2013-0229?: CVE-2013-0229 is a vulnerability in Miniupnp_project Miniupnpd. Published 2013-01-31.
Is CVE-2013-0229 known to be exploited?: 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.