CVE Vulnerabilities

CVE-2018-11946

Published: Nov 27, 2018 | Modified: Nov 21, 2024
CVSS 3.x
6.5
MEDIUM
Source:
NVD
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS 2.x
6.1 MEDIUM
AV:A/AC:L/Au:N/C:N/I:C/A:N
RedHat/V2
RedHat/V3
Ubuntu

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, the UPnP daemon should not be running out of box because it enables port forwarding without authentication.

Affected Software

Name Vendor Start Version End Version
Android Google - (including) - (including)

References