CVE-2020-13848

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-13848
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13848.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-13848
Downstream
Related
Published
2020-06-04T20:15:12.050Z
Modified
2026-04-16T04:40:20.428892804Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Portable UPnP SDK (aka libupnp) 1.12.1 and earlier allows remote attackers to cause a denial of service (crash) via a crafted SSDP message due to a NULL pointer dereference in the functions FindServiceControlURLPath and FindServiceEventURLPath in genlib/servicetable/servicetable.c.

References

Affected packages

Git / github.com/pupnp/pupnp

Affected ranges

Type
GIT
Repo
https://github.com/pupnp/pupnp
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2251e8c750023516bd9691b7ed510c8e16fc32de
Fixed
c805c1de1141cb22f74c0d94dd5664bda37398e0
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.12.1"
        }
    ]
}

Affected versions

Other
last_svn_trunk
release-1.*
release-1.10.0
release-1.10.1
release-1.12.0
release-1.12.1
release-1.8.0
release-1.8.1
release-1.8.2
release-1.8.3
release-1.8.4

Database specific

vanir_signatures_modified 
"2026-04-11T21:19:49Z"
vanir_signatures 
[
    {
        "id": "CVE-2020-13848-311146f5",
        "signature_version": "v1",
        "digest": {
            "function_hash": "79463571561584144062505277369637722696",
            "length": 475.0
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0",
        "target": {
            "function": "FindServiceControlURLPath",
            "file": "upnp/src/genlib/service_table/service_table.c"
        }
    },
    {
        "id": "CVE-2020-13848-dcef5ef7",
        "signature_version": "v1",
        "digest": {
            "line_hashes": [
                "254190529166817382807138848221914790031",
                "214114083820680281622544672170266650654",
                "301047464421182607895720242849431359365",
                "81402943769641128951445229135463046269",
                "268095423369924427596958001589388859892",
                "121601122071212668283904319526969823011",
                "207533361033881441935682368798047477810",
                "143810042312871380632822820588424683675",
                "243103399775605709484282410288451755090",
                "13462379172236721427370051320848755901",
                "48730471418428396989306607678967666370",
                "40318774815897256245049286170377712276"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "signature_type": "Line",
        "source": "https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0",
        "target": {
            "file": "upnp/src/genlib/service_table/service_table.c"
        }
    },
    {
        "target": {
            "function": "FindServiceEventURLPath",
            "file": "upnp/src/genlib/service_table/service_table.c"
        },
        "id": "CVE-2020-13848-dd9633ea",
        "digest": {
            "function_hash": "278608183070523950197306677034382698640",
            "length": 469.0
        },
        "deprecated": false,
        "signature_type": "Function",
        "source": "https://github.com/pupnp/pupnp/commit/c805c1de1141cb22f74c0d94dd5664bda37398e0",
        "signature_version": "v1"
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-13848.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    }
]