CVE-2021-29462 log

Severity High
Remote Yes
Type Content spoofing
The server part of pupnp (libupnp) appears to be vulnerable to DNS rebinding attacks because it does not check the value of the `Host` header. This can be mitigated by using DNS revolvers which block DNS-rebinding attacks. The vulnerability is fixed in version 1.14.6 and later.
Group Package Affected Fixed Severity Status Ticket
AVG-1844 libupnp 1.14.5-1 1.14.6-1 High Fixed
Date Advisory Group Package Severity Type
29 Apr 2021 ASA-202104-8 AVG-1844 libupnp High content spoofing