CVE-2020-28926 log

Severity High
Remote Yes
Type Arbitrary code execution
ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.
Group Package Affected Fixed Severity Status Ticket
AVG-1321 minidlna 1.2.1-5 1.3.0-1 High Fixed
Date Advisory Group Package Severity Type
09 Dec 2020 ASA-202012-15 AVG-1321 minidlna High arbitrary code execution