E19-zukp1
CVSS:
10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C)
False Positive:
t
Variants:
2
Year:
2014
Description
This strike exploits a remote code execution on Realtek SDK Miniigd UPnP SOAP service. This vulnerability is due to improper handling of the parameter under xml tag when a client sends SOAP traffic to the server. A remote unauthenticated attacker can exploit this vulnerability by sending crafted http requests to the target server. Successful exploitation results in remote code execution.
CVE
References
MSB
BID
ExploitDB
Secunia
Security Tracker
Metasploit
ZDI
OSVDB
{}