CVE-2021-33516
Description
GUPnP before 1.0.7 and 1.2.5 is vulnerable to DNS rebinding, enabling malicious websites to interact with local UPnP services for data exfiltration or tampering.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
GUPnP before 1.0.7 and 1.2.5 is vulnerable to DNS rebinding, enabling malicious websites to interact with local UPnP services for data exfiltration or tampering.
Vulnerability
GUPnP versions before 1.0.7 and 1.2.5 (including 1.1.x and 1.2.x prior to 1.2.5) lack proper validation of the HTTP Host header, allowing DNS rebinding attacks. This flaw enables a remote web server to trick a victim's browser into sending requests to local UPnP services implemented with GUPnP. [1]
Exploitation
An attacker needs to host a malicious website and lure a victim into visiting it. The victim's browser, due to DNS rebinding, resolves the attacker's domain to a local IP address, causing requests to be sent to UPnP services on the victim's network. No authentication is required from the attacker's side. The attack proceeds when the victim's browser interacts with the malicious site, which triggers actions against local UPnP services. [1]
Impact
Successful exploitation allows the attacker to perform unauthorized actions on local UPnP services, such as data exfiltration (reading sensitive information) or data tampering (modifying data or device state). The exact impact depends on the specific UPnP service exposed. [1]
Mitigation
The vulnerability is fixed in GUPnP versions 1.0.7 and 1.2.5, released on May 24, 2021. Upgrading to these versions or later is strongly recommended. As a workaround, using a DNS resolver that prevents DNS rebinding can mitigate the attack. Note that the fix may cause compatibility issues with older, non-compliant UPnP clients. [1]
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
15- GUPnP/GUPnPdescription
- osv-coords13 versionspkg:rpm/almalinux/gupnppkg:rpm/almalinux/gupnp-develpkg:rpm/opensuse/gupnp&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/gupnp&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/gupnp&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP2pkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3pkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2pkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP3pkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5pkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP5pkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP2pkg:rpm/suse/gupnp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP3
< 1.0.6-2.el8_4+ 12 more
- (no CPE)range: < 1.0.6-2.el8_4
- (no CPE)range: < 1.0.6-2.el8_4
- (no CPE)range: < 1.2.2-lp152.2.3.1
- (no CPE)range: < 1.2.2-3.3.1
- (no CPE)range: < 1.2.7-2.2
- (no CPE)range: < 1.2.2-3.3.1
- (no CPE)range: < 1.2.2-3.3.1
- (no CPE)range: < 1.2.2-3.3.1
- (no CPE)range: < 1.2.2-3.3.1
- (no CPE)range: < 0.20.18-8.3.1
- (no CPE)range: < 0.20.18-8.3.1
- (no CPE)range: < 1.2.2-3.3.1
- (no CPE)range: < 1.2.2-3.3.1
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
2- discourse.gnome.org/t/security-relevant-releases-for-gupnp-issue-cve-2021-33516/6536mitrex_refsource_MISC
- gitlab.gnome.org/GNOME/gupnp/-/issues/24mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.