Arbitrary File Write Vulnerability in Portable UPnP SDK (libupnp)

Arbitrary File Write Vulnerability in Portable UPnP SDK (libupnp)

CVE-2016-6255 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Portable UPnP SDK (aka libupnp) before 1.6.21 allows remote attackers to write to arbitrary files in the webroot via a POST request without a registered handler.

Learn more about our Web App Pen Testing.