Software Engineering Institute

CERT Coordination Center

Search

14 Results

VU#339275: Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations

Published June 08, 2020 Updated July 08, 2020

VU#361684: Router devices do not implement sufficient UPnP authentication and security

Published August 31, 2015 Updated January 04, 2016

VU#184540: Incorrect implementation of NAT-PMP in multiple devices

Published October 23, 2014 Updated June 29, 2015

VU#939260: ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities

Published April 11, 2014 Updated April 16, 2014

VU#800094: Dahua Security DVRs contain multiple vulnerabilities

Published September 13, 2013 Updated December 04, 2013

VU#922681: Portable SDK for UPnP Devices (libupnp) contains multiple buffer overflows in SSDP

Published January 29, 2013 Updated July 30, 2014

VU#357851: UPnP requests accepted over router WAN interfaces

Published October 05, 2011 Updated November 30, 2012

VU#347812: UPnP enabled by default in multiple devices

Published January 15, 2008 Updated July 22, 2008

VU#116100: Apple Mac OS X iChat UPnP buffer overflow

Published May 25, 2007 Updated May 29, 2007

VU#221876: Apple Mac OS X mDNSResponder buffer overflow vulnerability

Published May 25, 2007 Updated June 20, 2007

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis

Carnegie Mellon University
Software Engineering Institute
4500 Fifth Avenue
Pittsburgh, PA 15213-2612
412-268-5800

Office Locations | Additional Sites Directory | Legal | Privacy Notice | CMU Ethics Hotline | www.sei.cmu.edu

©2025 Carnegie Mellon University

Contact SEI

Contact CERT/CC

412-268-5800
cert@cert.org