ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2020-11-30T17:09:40
Updated: 2024-08-04T16:40:59.981Z
Reserved: 2020-11-18T00:00:00
Link: CVE-2020-28926
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-11-30T18:15:11.473
Modified: 2022-08-06T03:48:57.767
Link: CVE-2020-28926
Redhat
No data.