/dev/posts/

DNS rebinding on ReadyMedia/minidlna v1.3.0 and below

Published:

A DNS rebinding vulnerability I found in ReadyMedia (formerly MiniDLNA) v1.3.0 and below. This is CVE-2022-26505.

Read more…

DNS rebinding vulnerability in GUPnP

Published:

GUPnP, a GNOME library for Universal Plug and Play (UPnP), was vulnerable to DNS rebinding attacks. This is CVE-2021-33516 and GUPnP issue #24. This was fixed in GUPnP 1.0.7 and GUPnP 1.2.5.

Read more…

DNS rebinding vulnerability in pupnp and npupnp

Published:

I found that pupnp was vulnerable to DNS rebinding attacks. npupnp, a fork a pupnp, was impacted as well. This is demonstrated using Gerbera a UPnP MediaServer.

Read more…

Introduction to UPnP

Published:

This post gives simple explanations of how UPnP (Universal Plug-and-Play) works, especially with the goal of testing the security devices such as routers, smart TVs, etc.

Read more…

DNS rebinding vulnerability in Samsung SmartTV UPnP

Published:

I found a DNS rebinding vulnerability on the Universal Plug-and-Play (UPnP) interface of the Samsung TV UE40F6320 (v1.0), from 2011. This could be used, for example, to change the channel, to know which channel is currently used or open the builtin browser to any URI.

Read more…

DNS rebinding vulnerabilities in Freebox

Published:

I found some DNS rebinding vulnerabilities in Freebox devices (CVE-2020-24374, CVE-2020-24375, CVE-2020-24376, CVE-2020-24377) as well as a Cross Site Request Forgery (CSRF) vulnerability (CVE-2020-24373). These vulnerabilities were fixed in 2020-08-05.

Read more…

Page 1 of 1 | | | JSON Feed | Atom Feed