CVE-2021-33516 log
Source |
|
Severity | Medium |
Remote | Yes |
Type | Information disclosure |
Description | An issue was discovered in GUPnP before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tampering, etc. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-1985 | gupnp | 1.2.4-1 | 1.2.6-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
25 May 2021 | ASA-202105-26 | AVG-1985 | gupnp | Medium | information disclosure |