USN-4970-1: GUPnP vulnerability

01 June 2021

GUPnP could allow unintended access to network services.

Releases

Packages

  • gupnp - framework for creating UPnP devices and control points

Details

It was discovered that GUPnP incorrectly filtered local requests. If a user
were tricked into visiting a malicious website, a remote attacker could
possibly use this issue to perform actions against local UPnP services such
as obtaining or altering sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.04
Ubuntu 20.10
Ubuntu 20.04

After a standard system update you need to reboot your computer to make all
the necessary changes.

References