Skip to main content

CVE-2013-1461

Severity High
Score 7.8/10

Summary

The ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and service crash) via a SOAPAction header that lacks a # (pound sign) character, a different vulnerability than CVE-2013-0230.

  • LOW
  • NETWORK
  • NONE
  • NONE
  • NONE
  • COMPLETE

References

Advisory Timeline

  • Published