Document devel/upnp 2 security vulnerabilities:

• unhandled write of files to filesystem via POST by default
• heap buffer overflow in create_url_list function