Cisco s Talos security intelligence and research group found and privately disclosed a serious and trivially exploitable client-side bug in MiniUPnP. A successful exploit gives an attacker remote-code execution capabilities on a device, and quite likely further access inside the local network. The vulnerability in the library (CVE-2015-6031) is a buffer overflow, a bug in the XML parsing code in the IGDstartelt function. The exploit bypasses a mitigation in place called Stack Smashing Protection (SSP), which protects vulnerable buffers in a stack with a canary.
Source: https://threatpost.com/miniupnp-vulnerability-clears-way-for-stack-smashing-attack/116030/