An issue was discovered in GUPnP before 1.0.7 and 1.1.x and 1.2.x before 1.2.5. It allows DNS rebinding. A remote web server can exploit this vulnerability to trick a victims browser into triggering actions against local UPnP services implemented using this library. Depending on the affected service, this could be used for data exfiltration, data tempering, etc.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gupnp | Gnome | * | 1.0.7 (excluding) |
| Gupnp | Gnome | 1.1.0 (including) | 1.2.5 (excluding) |
| Red Hat Enterprise Linux 7 | RedHat | gupnp-0:1.0.2-6.el7_9 | * |
| Red Hat Enterprise Linux 8 | RedHat | gupnp-0:1.0.6-2.el8_4 | * |
| Red Hat Enterprise Linux 8.1 Extended Update Support | RedHat | gupnp-0:1.0.3-3.el8_1 | * |
| Red Hat Enterprise Linux 8.2 Extended Update Support | RedHat | gupnp-0:1.0.3-3.el8_2 | * |
| Gupnp | Ubuntu | bionic | * |
| Gupnp | Ubuntu | devel | * |
| Gupnp | Ubuntu | esm-infra/focal | * |
| Gupnp | Ubuntu | focal | * |
| Gupnp | Ubuntu | groovy | * |
| Gupnp | Ubuntu | hirsute | * |
| Gupnp | Ubuntu | impish | * |
| Gupnp | Ubuntu | jammy | * |
| Gupnp | Ubuntu | kinetic | * |
| Gupnp | Ubuntu | lunar | * |
| Gupnp | Ubuntu | mantic | * |
| Gupnp | Ubuntu | noble | * |
| Gupnp | Ubuntu | oracular | * |
| Gupnp | Ubuntu | plucky | * |
| Gupnp | Ubuntu | questing | * |
| Gupnp | Ubuntu | trusty | * |
| Gupnp | Ubuntu | xenial | * |