### [CVE-2019-12106](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12106)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and 1.5 allows a remote attacker to crash the process due to a Use After Free vulnerability.

### POC

#### Reference
- https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp
- https://www.vdoo.com/blog/security-issues-discovered-in-miniupnp

#### Github
No PoCs found on GitHub currently.