miniupnpd
cpe:2.3:a:miniupnp_project:miniupnpd:*:*:*:*:*:*:*
- < 2.3.10
A denial-of-service and information disclosure vulnerability has been identified in the MiniUPnP daemon (miniupnpd) versions prior to 2.3.10. The issue arises from an integer underflow in the parsing of the SOAPAction header, which remote attackers can exploit by sending a malformed header containing a single quote. This exploitation triggers an out-of-bounds memory read by manipulating the length validation in the 'ParseHttpHeaders()' function. The underflow causes the length to be interpreted as a large unsigned value, leading the process to read memory far beyond the allocated buffer for the HTTP request.
Exploitation of this vulnerability causes a denial-of-service condition and allows for unauthorized information disclosure through out-of-bounds memory reads.
Users can upgrade to MiniUPnP version 2.3.10 or later to address this vulnerability.
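The length underflow described above, shown as an added illustration (not code from miniupnpd or from this advisory): an unchecked quote-stripping step beside a bounds-checked one. The function names, buffer layout and sample header values are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustrative only: the class of bug described above, not miniupnpd source. */
static int is_quote(char c) { return c == '"' || c == '\''; }

/* Flawed pattern: in a 1-byte value the same quote character is both the
 * first and the last byte, so the test passes and n - 2 wraps around. */
size_t unquoted_len_unchecked(const char *v, size_t n)
{
    if (n > 0 && is_quote(v[0]) && v[n - 1] == v[0])
        n -= 2;                          /* n == 1 becomes SIZE_MAX */
    return n;
}

/* Hardened pattern: the value must lie inside the request buffer, and quotes
 * are stripped only when there is room for two distinct quote characters. */
int unquote_checked(const char *buf, size_t buf_len, size_t off, size_t n,
                    size_t *out_off, size_t *out_len)
{
    if (off > buf_len || n > buf_len - off)
        return -1;                       /* span falls outside the buffer */
    const char *v = buf + off;
    if (n >= 2 && is_quote(v[0]) && v[n - 1] == v[0]) {
        off += 1;
        n -= 2;
    }
    *out_off = off;
    *out_len = n;
    return 0;
}

int main(void)
{
    const char lone[] = "'";             /* constructed sample values */
    const char ok[] = "\"urn:example:svc#Action\"";
    size_t off, len;

    printf("unchecked lone quote: %zu\n", unquoted_len_unchecked(lone, 1));
    if (unquote_checked(lone, 1, 0, 1, &off, &len) == 0)
        printf("checked lone quote: off=%zu len=%zu\n", off, len);
    if (unquote_checked(ok, sizeof ok - 1, 0, sizeof ok - 1, &off, &len) == 0)
        printf("checked quoted: off=%zu len=%zu\n", off, len);
    return 0;
}
```

Any later code that trusts the unchecked length as a byte count will read past the request buffer, which is why the hardened variant validates the span before returning it.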