An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x befo ...

Security update for gupnp

Security update for gupnp

Security update for gupnp

Security update for gupnp

Important: gupnp security update

An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victim's browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.

ELSA-2021-2417: gupnp security update (IMPORTANT)

ELSA-2021-2363: gupnp security update (IMPORTANT)

Уязвимость фреймворка для UPnP-устройств GUPnP, связанная с зависимостью критичных действий от обратного DNS-решения, позволяющая нарушителю получить доступ к конфиденциальным данным и нарушить их целостность