Vulnerability in N/a
CVE-2018-13416
In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrar…
EPSS: 0.558 (98.1th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
References
- 45133 (exploit, x_refsource_EXPLOIT-DB)
- 20180731 Out-of-Band XXE in Universal Media Server's SSDP Processing (mailing-list, x_refsource_FULLDISC)