Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2022-26505 |
CWE-ID | CWE-350 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | ReadyMedia (formerly MiniDLNA) Server applications / Other server solutions |
Vendor | Jakub Vrána |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
EUVDB-ID: #VU61051
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-26505
CWE-ID: CWE-350 - Reliance on Reverse DNS Resolution for a Security-Critical Action
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform DNS rebinding attacks.
The vulnerability exists because the application is prone to DNS rebinding attacks. A remote attacker can trick the victim's browser into triggering arbitrary UPnP requests on the local DLNA server and obtain the results of such actions, including the ability to read shared files.
Install updates from vendor's website.
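The usual server-side defence against DNS rebinding is to reject HTTP requests whose Host header is a DNS name, because a rebound page's requests carry the attacker's hostname rather than the server's address. The following is an added example of such a check, not the ReadyMedia patch or code from this bulletin; the function names `host_is_ip_literal` and `valid_port` are hypothetical, and the caller is assumed to pass the Host value already stripped of surrounding whitespace.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <string.h>

/* Return 1 if s is a decimal port in 1..65535, else 0. */
static int valid_port(const char *s)
{
    char *end;
    long p;

    if (*s < '0' || *s > '9')
        return 0;
    p = strtol(s, &end, 10);
    return *end == '\0' && p >= 1 && p <= 65535;
}

/* Return 1 if the Host value is an IPv4 literal or a bracketed IPv6 literal,
 * each with an optional port; return 0 for anything else, DNS names included. */
int host_is_ip_literal(const char *host)
{
    char buf[64];
    unsigned char addr[sizeof(struct in6_addr)];
    char *sep;
    size_t len;

    if (host == NULL || (len = strlen(host)) == 0 || len >= sizeof(buf))
        return 0;
    memcpy(buf, host, len + 1);

    if (buf[0] == '[') {                 /* "[v6-address]" or "[v6-address]:port" */
        sep = strchr(buf, ']');
        if (sep == NULL)
            return 0;
        *sep = '\0';
        if (sep[1] != '\0' && (sep[1] != ':' || !valid_port(sep + 2)))
            return 0;
        return inet_pton(AF_INET6, buf + 1, addr) == 1;
    }
    sep = strchr(buf, ':');              /* "v4-address" or "v4-address:port" */
    if (sep != NULL) {
        *sep = '\0';
        if (!valid_port(sep + 1))
            return 0;
    }
    return inet_pton(AF_INET, buf, addr) == 1;
}
```

A server that clients legitimately reach by name would need an explicit allowlist of its own hostnames in addition to this check.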
Vulnerable software versions
ReadyMedia (formerly MiniDLNA): 1.0.15 - 1.3.0
https://www.openwall.com/lists/oss-security/2022/03/03/1
https://sourceforge.net/p/minidlna/git/ci/c21208508dbc131712281ec5340687e5ae89e940/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.