CVE-2020-13848 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
A NULL-pointer dereference has been found in libupnp <= 1.12.1, in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/service_table/service_table.c, allowing a remote attacker to cause a denial of service (crash) via a crafted SSDP message.
Group Package Affected Fixed Severity Status Ticket
AVG-1175 libupnp 1.6.25-2 Medium Vulnerable
References
https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0