Vulnerabilities
Vulnerable Software
Realtek:  >> Jungle Sdk  Security Vulnerabilities
Realtek Jungle SDK version v2.x up to v3.4.14B provides a 'WiFi Simple Config' server that implements both UPnP and SSDP protocols. The binary is usually named wscd or mini_upnpd and is the successor to miniigd. The server is vulnerable to a heap buffer overflow that is present due to unsafe crafting of SSDP NOTIFY messages from received M-SEARCH messages ST header.
CVSS Score
7.5
EPSS Score
0.815
Published
2021-08-16
CVE-2021-35394
Known exploited
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.
CVSS Score
9.8
EPSS Score
0.943
Published
2021-08-16


Contact Us

Shodan ® - All rights reserved