Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
DNS rebinding in pupnp
Vulnerability Description
The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp (libupnp) appears to be vulnerable to DNS rebinding attacks because it does not check the value of the `Host` header. This can be mitigated by using DNS revolvers which block DNS-rebinding attacks. The vulnerability is fixed in version 1.14.6 and later.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Vulnerability Type
输入验证不恰当
Vulnerability Title
UPnP 数据伪造问题漏洞
Vulnerability Description
UPnP是Open Connectivity Foundation基金会的一款通用即插即用协议。 UPnP Devices 中的Portable SDK 1.14.6版本及之后版本存在数据伪造问题漏洞,该漏洞源于它不检查“主机”报头的值。
CVSS Information
N/A
Vulnerability Type
N/A