DNS Rebinding Vulnerability in npupnp Server (Version 4.1.4 and below) Allows Remote Code Execution

DNS Rebinding Vulnerability in npupnp Server (Version 4.1.4 and below) Allows Remote Code Execution

CVE-2021-31718 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

The server in npupnp before 4.1.4 is affected by DNS rebinding in the embedded web server (including UPnP SOAP and GENA endpoints), leading to remote code execution.

Learn more about our Cis Benchmark Audit For Bind.