Home CVE Database CVE-2021-33516

CVE-2021-33516

Description

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim\'s browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.

Priority: MEDIUM
CVSS v3: 8.1
Publish Date: May 24, 2021
Related ID: --
CVSS v2: HIGH
Modified Date: May 28, 2021

Find out more about CVE-2021-33516 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Won't Fix -- -- --
Wind River Linux 8 Legacy -- -- --
Wind River Linux 9 Legacy -- -- --
Wind River Linux 7 Not Vulnerable -- -- --
Wind River Linux LTS 21 Won't Fix -- -- --
Wind River Linux LTS 18 Won't Fix -- -- --
Wind River Linux LTS 19 Won't Fix -- -- --
Wind River Linux CD release Won't Fix -- -- --
VxWorks
VxWorks 7 Not Vulnerable -- -- --
VxWorks 6.9 Not Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads

Comments

gupnp

Live chat
Online