CVE-2021-29462

The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp (libupnp) appears to be vulnerable to DNS rebinding attacks because it does not check the value of the `Host` header. This can be mitigated by using DNS revolvers which block DNS-rebinding attacks. The vulnerability is fixed in version 1.14.6 and later.

CVSS v3 7.6 HIGH
CVSS v2.0 7.5 HIGH

7.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.1 / Impact : 5.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact LOW

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2021/04/20/4	Mailing List Third Party Advisory
https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg	Third Party Advisory
http://www.openwall.com/lists/oss-security/2021/04/20/4	Mailing List Third Party Advisory
https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:pupnp_project:pupnp:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:01

Type	Values Removed	Values Added
CVSS	v2 : ~~7.5~~ v3 : ~~9.8~~	v2 : 7.5 v3 : 7.6
References	~~() http://www.openwall.com/lists/oss-security/2021/04/20/4 - Mailing List, Third Party Advisory~~	() http://www.openwall.com/lists/oss-security/2021/04/20/4 - Mailing List, Third Party Advisory
References	~~() https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg - Third Party Advisory~~	() https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg - Third Party Advisory

Information

Published : 2021-04-20 21:15

Updated : 2024-11-21 06:01

NVD link : CVE-2021-29462

Mitre link : CVE-2021-29462

CVE.ORG link : CVE-2021-29462

JSON object : View

Products Affected

pupnp_project

pupnp

CWE

CWE-20

Improper Input Validation

CWE-345

Insufficient Verification of Data Authenticity

{"id": "CVE-2021-29462", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.5, "exploitabilityScore": 2.1}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2021-04-20T21:15:08.493", "references": [{"url": "http://www.openwall.com/lists/oss-security/2021/04/20/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg", "tags": ["Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "http://www.openwall.com/lists/oss-security/2021/04/20/4", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://github.com/pupnp/pupnp/security/advisories/GHSA-6hqq-w3jq-9fhg", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-20"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-345"}]}], "descriptions": [{"lang": "en", "value": "The Portable SDK for UPnP Devices is an SDK for development of UPnP device and control point applications. The server part of pupnp (libupnp) appears to be vulnerable to DNS rebinding attacks because it does not check the value of the `Host` header. This can be mitigated by using DNS revolvers which block DNS-rebinding attacks. The vulnerability is fixed in version 1.14.6 and later."}, {"lang": "es", "value": "El SDK Port\u00e1til para Dispositivos UPnP es un SDK para el desarrollo de aplicaciones de puntos de control y dispositivos UPnP. La parte del servidor de pupnp (libupnp) parece ser vulnerable a los ataques de reenlace de DNS porque no comprueba el valor del encabezado \"Host\". Esto puede ser mitigado al usar resolutores de DNS que bloquean los ataques DNS-rebinding. La vulnerabilidad se corrigi\u00f3 en versi\u00f3n 1.14.6 y posteriores"}], "lastModified": "2024-11-21T06:01:09.723", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:pupnp_project:pupnp:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2AF559B8-B988-40BE-8BFA-91EB27B7BF6B", "versionEndExcluding": "1.14.6"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}