SB2021061018 - DNS-rebinding attack in GUPnP

Description

This security bulletin contains information about 1 vulnerability.

1) Reliance on Reverse DNS Resolution for a Security-Critical Action (CVE-ID: CVE-2021-33516)

CWE-ID: CWE-350 - Reliance on Reverse DNS Resolution for a Security-Critical Action

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

The vulnerability allows a remote attacker to perform DNS rebinding attacks.

The vulnerability exists due to a logic issue in GUPnP. A remote attacker can trick a victim's browser into triggering actions against local UPnP services implemented using this library and gain access to sensitive information (e.g. data exfiltration) or tamper with data.

Remediation

Install update from vendor's website.

References

• https://gitlab.gnome.org/GNOME/gupnp/-/issues/24
• https://discourse.gnome.org/t/security-relevant-releases-for-gupnp-issue-cve-2021-33516/6536