vulnerability

Ubuntu: USN-4794-1 (CVE-2016-8863): libupnp vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Mar 7, 2017	Mar 22, 2023	May 5, 2025

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Mar 7, 2017

Added

Mar 22, 2023

Modified

May 5, 2025

Description

Matthew Garrett discovered that libupnp mishandled POST requests by
default. An attacker could use this vulnerability to write files to
arbitrary locations in the victim's filesystem, possibly as root.
(CVE-2016-6255)

It was discovered that libupnp mishandled certain input. A remote attacker
could use this vulnerability to cause a denial of service (crash) or
possibly execute arbitrary code. (CVE-2016-8863)

Solution

ubuntu-pro-upgrade-libupnp6

References

CVE-2016-8863
https://attackerkb.com/topics/CVE-2016-8863
DEBIAN-DSA-3736
UBUNTU-USN-4794-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today