CVE-2020-12695

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
7.8
HIGH
Affected
2
PROJECTS

Description

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

yunuscadirci/CallStranger
yunuscadirci/CallStranger
Vulnerability checker for Callstranger (CVE-2020-12695)
GitHubGitHub
403
corelight/callstranger-detector
corelight/callstranger-detector
Zeek Plugin that detects CallStranger (CVE-2020-12695) attempts (http://callstranger.com/)
GitHubGitHub
6