CVE-2020-28926

{"id": "CVE-2020-28926", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2020-11-30T18:15:11.473", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://sourceforge.net/projects/minidlna/", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2020/dsa-4806", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://sourceforge.net/projects/minidlna/", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.debian.org/security/2020/dsa-4806", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.rootshellsecurity.net/remote-heap-corruption-bug-discovery-minidlna/", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-120"}]}], "descriptions": [{"lang": "en", "value": "ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove."}, {"lang": "es", "value": "ReadyMedia (tambi\u00e9n se conoce como MiniDLNA) versiones anteriores a 1.3.0, permite una ejecuci\u00f3n de c\u00f3digo remota. Mediante el env\u00edo de una petici\u00f3n HTTP UPnP maliciosa hacia el servicio miniDLNA usando la codificaci\u00f3n HTTP fragmentada puede conllevar un bug de firma resultando en un desbordamiento del b\u00fafer en unas llamadas hacia memcpy/memmove"}], "lastModified": "2024-11-21T05:23:18.590", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:readymedia_project:readymedia:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5709FACD-4292-40F1-9A07-C933FC947D5F", "versionEndExcluding": "1.3.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}