CVE-2020-13848

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-13848
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13848.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-13848
Downstream
Related
Published
2020-06-04T20:15:12Z
Modified
2025-10-14T17:32:17.214850Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c.

References

Affected packages

Git / github.com/pupnp/pupnp

Affected ranges

Type
GIT
Repo
https://github.com/pupnp/pupnp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
c805c1de1141cb22f74c0d94dd5664bda37398e0

Affected versions

Other

last_svn_trunk

release-1.*

release-1.10.0
release-1.10.1
release-1.12.0
release-1.12.1
release-1.8.0
release-1.8.1
release-1.8.2
release-1.8.3
release-1.8.4

Database specific 

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 475.0,
                "function_hash": "79463571561584144062505277369637722696"
            },
            "target": {
                "function": "FindServiceControlURLPath",
                "file": "upnp/src/genlib/service_table/service_table.c"
            },
            "signature_type": "Function",
            "source": "https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2020-13848-311146f5"
        },
        {
            "digest": {
                "line_hashes": [
                    "254190529166817382807138848221914790031",
                    "214114083820680281622544672170266650654",
                    "301047464421182607895720242849431359365",
                    "81402943769641128951445229135463046269",
                    "268095423369924427596958001589388859892",
                    "121601122071212668283904319526969823011",
                    "207533361033881441935682368798047477810",
                    "143810042312871380632822820588424683675",
                    "243103399775605709484282410288451755090",
                    "13462379172236721427370051320848755901",
                    "48730471418428396989306607678967666370",
                    "40318774815897256245049286170377712276"
                ],
                "threshold": 0.9
            },
            "target": {
                "file": "upnp/src/genlib/service_table/service_table.c"
            },
            "signature_type": "Line",
            "source": "https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2020-13848-dcef5ef7"
        },
        {
            "digest": {
                "length": 469.0,
                "function_hash": "278608183070523950197306677034382698640"
            },
            "target": {
                "function": "FindServiceEventURLPath",
                "file": "upnp/src/genlib/service_table/service_table.c"
            },
            "signature_type": "Function",
            "source": "https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0",
            "deprecated": false,
            "signature_version": "v1",
            "id": "CVE-2020-13848-dd9633ea"
        }
    ]
}