CVE-2020-12695 - Vulnerability Details

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.04731.

Key SSVC decision points have not yet been added.

Vendors	Products
Asus	Rt-n11
Broadcom	Adsl
Canon	Selphy Cp1200
Canonical	Ubuntu Linux
Cisco	Wap131 Wap150 Wap351
Debian	Debian Linux
Dell	B1165nfw
Dlink	Dvg-n5412sp
Epson	Ep-101 Ew-m970a3t M571t Xp-100 Xp-2101 Xp-2105 Xp-241 Xp-320 Xp-330 Xp-340 Xp-4100 Xp-4105 Xp-440 Xp-620 Xp-630 Xp-702 Xp-8500 Xp-8600 Xp-960 Xp-970
Fedoraproject	Fedora
Hp	5020 Z4a69a 5030 M2u92b 5030 Z4a70a 5034 Z4a74a 5660 F8b04a Deskjet Ink Advantage 3456 A9t84c Deskjet Ink Advantage 3545 A9t81a Deskjet Ink Advantage 3545 A9t81c Deskjet Ink Advantage 3545 A9t83b Deskjet Ink Advantage 3546 A9t82a Deskjet Ink Advantage 3548 A9t81b Deskjet Ink Advantage 4515 Deskjet Ink Advantage 4518 Deskjet Ink Advantage 4535 F0v64a Deskjet Ink Advantage 4535 F0v64b Deskjet Ink Advantage 4535 F0v64c Deskjet Ink Advantage 4536 F0v65a Deskjet Ink Advantage 4538 F0v66b Deskjet Ink Advantage 4675 F1h97a Deskjet Ink Advantage 4675 F1h97b Deskjet Ink Advantage 4675 F1h97c Deskjet Ink Advantage 4676 F1h98a Deskjet Ink Advantage 4678 F1h99b Deskjet Ink Advantage 5575 G0v48b Deskjet Ink Advantage 5575 G0v48c Envy 100 Cn517a Envy 100 Cn517b Envy 100 Cn517c Envy 100 Cn518a Envy 100 Cn519a Envy 100 Cn519b Envy 110 Cq809a Envy 110 Cq809b Envy 110 Cq809c Envy 110 Cq809d Envy 110 Cq812c Envy 111 Cq810a Envy 114 Cq811a Envy 114 Cq811b Envy 114 Cq812a Envy 120 Cz022a Envy 120 Cz022b Envy 120 Cz022c Envy 4500 A9t80a Envy 4500 A9t80b Envy 4500 A9t89a Envy 4500 D3p93a Envy 4501 C8d05a Envy 4502 A9t85a Envy 4502 A9t87b Envy 4503 E6g71b Envy 4504 A9t88b Envy 4504 C8d04a Envy 4505 A9t86a Envy 4507 E6g70b Envy 4508 E6g72b Envy 4509 D3p94a Envy 4509 D3p94b Envy 4511 K9h50a Envy 4512 K9h49a Envy 4513 K9h51a Envy 4516 K9h52a Envy 4520 E6g67a Envy 4520 E6g67b Envy 4520 F0v63a Envy 4520 F0v63b Envy 4520 F0v69a Envy 4521 K9t10b Envy 4522 F0v67a Envy 4523 J6u60b Envy 4524 F0v71b Envy 4524 F0v72b Envy 4524 K9t01a Envy 4525 K9t09b Envy 4526 K9t05b Envy 4527 J6u61b Envy 4528 K9t08b Envy 5000 M2u85a Envy 5000 M2u85b Envy 5000 M2u91a Envy 5000 M2u94b Envy 5000 Z4a54a Envy 5000 Z4a74a Envy 5020 M2u91b Envy 5530 Envy 5531 Envy 5532 Envy 5534 Envy 5535 Envy 5536 Envy 5539 Envy 5540 F2e72a Envy 5540 G0v47a Envy 5540 G0v51a Envy 5540 G0v52a Envy 5540 G0v53a Envy 5540 K7c85a Envy 5541 K7g89a Envy 5542 K7c88a Envy 5543 N9u88a Envy 5544 K7c89a Envy 5544 K7c93a Envy 5545 G0v50a Envy 5546 K7c90a Envy 5547 J6u64a Envy 5548 K7g87a Envy 5640 B9s56a Envy 5640 B9s58a Envy 5642 B9s64a Envy 5643 B9s63a Envy 5644 B9s65a Envy 5646 F8b05a Envy 5664 F8b08a Envy 5665 F8b06a Envy 6020 5se16b Envy 6020 5se17a Envy 6020 6wd35a Envy 6020 7cz37a Envy 6052 5se18a Envy 6055 5se16a Envy 6540 B9s59a Envy 7640 Envy 7644 E4w46a Envy 7645 E4w44a Envy Photo 6200 K7g18a Envy Photo 6200 K7g26b Envy Photo 6200 K7s21b Envy Photo 6200 Y0k13d Envy Photo 6200 Y0k15a Envy Photo 6220 K7g20d Envy Photo 6220 K7g21b Envy Photo 6222 Y0k13d Envy Photo 6222 Y0k14d Envy Photo 6230 K7g25b Envy Photo 6232 K7g26b Envy Photo 6234 K7s21b Envy Photo 6252 K7g22a Envy Photo 7100 3xd89a Envy Photo 7100 K7g93a Envy Photo 7100 K7g99a Envy Photo 7100 Z3m37a Envy Photo 7100 Z3m52a Envy Photo 7120 Z3m41d Envy Photo 7155 Z3m52a Envy Photo 7164 K7g99a Envy Photo 7800 K7r96a Envy Photo 7800 K7s00a Envy Photo 7800 K7s10d Envy Photo 7800 Y0g42d Envy Photo 7800 Y0g52b Envy Photo 7822 Y0g42d Envy Photo 7822 Y0g43d Envy Photo 7830 Y0g50b Envy Pro 6420 5se45b Envy Pro 6420 5se46a Envy Pro 6420 6wd14a Envy Pro 6420 6wd16a Envy Pro 6452 5se47a Envy Pro 6455 5se45a Officejet 4650 E6g87a Officejet 4650 F1h96a Officejet 4650 F1h96b Officejet 4652 F1j02a Officejet 4652 F1j05b Officejet 4652 K9v84b Officejet 4654 F1j06b Officejet 4654 F1j07b Officejet 4655 F1j00a Officejet 4655 K9v79a Officejet 4655 K9v82b Officejet 4656 K9v81b Officejet 4657 V6d29b Officejet 4658 V6d30b
Huawei	Hg255s Hg532e
Microsoft	Windows 10 Xbox One
Nec	Wr8165n
Netgear	Wnhde111
Redhat	Enterprise Linux
Ruckussecurity	Zonedirector 1200
Tp-link	Archer C50
Ui	Unifi Controller
W1.fi	Hostapd
Zte	Zxv10 W300
Zyxel	Amg1202-t10b Vmg8324-b10a

Configuration 1 [-]

cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*

Configuration 4 [-]

cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*

Configuration 6 [-]

OR	cpe:2.3:h:cisco:wap131:-:::::::*
	cpe:2.3:h:cisco:wap150:-:::::::*
	cpe:2.3:h:cisco:wap351:-:::::::*

Configuration 7 [-]

cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*

Configuration 8 [-]

cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*

Configuration 9 [-]

OR	cpe:2.3:h:epson:ep-101:-:::::::*
	cpe:2.3:h:epson:ew-m970a3t:-:::::::*
	cpe:2.3:h:epson:m571t:-:::::::*
	cpe:2.3:h:epson:xp-100:-:::::::*
	cpe:2.3:h:epson:xp-2101:-:::::::*
	cpe:2.3:h:epson:xp-2105:-:::::::*
	cpe:2.3:h:epson:xp-241:-:::::::*
	cpe:2.3:h:epson:xp-320:-:::::::*
	cpe:2.3:h:epson:xp-330:-:::::::*
	cpe:2.3:h:epson:xp-340:-:::::::*
	cpe:2.3:h:epson:xp-4100:-:::::::*
	cpe:2.3:h:epson:xp-4105:-:::::::*
	cpe:2.3:h:epson:xp-440:-:::::::*
	cpe:2.3:h:epson:xp-620:-:::::::*
	cpe:2.3:h:epson:xp-630:-:::::::*
	cpe:2.3:h:epson:xp-702:-:::::::*
	cpe:2.3:h:epson:xp-8500:-:::::::*
	cpe:2.3:h:epson:xp-8600:-:::::::*
	cpe:2.3:h:epson:xp-960:-:::::::*
	cpe:2.3:h:epson:xp-970:-:::::::*

Configuration 10 [-]

OR	cpe:2.3:h:hp:5020_z4a69a:-:::::::*
	cpe:2.3:h:hp:5030_m2u92b:-:::::::*
	cpe:2.3:h:hp:5030_z4a70a:-:::::::*
	cpe:2.3:h:hp:5034_z4a74a:-:::::::*
	cpe:2.3:h:hp:5660_f8b04a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:::::::*
	cpe:2.3:h:hp:envy_100_cn517a:-:::::::*
	cpe:2.3:h:hp:envy_100_cn517b:-:::::::*
	cpe:2.3:h:hp:envy_100_cn517c:-:::::::*
	cpe:2.3:h:hp:envy_100_cn518a:-:::::::*
	cpe:2.3:h:hp:envy_100_cn519a:-:::::::*
	cpe:2.3:h:hp:envy_100_cn519b:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809a:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809b:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809c:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809d:-:::::::*
	cpe:2.3:h:hp:envy_110_cq812c:-:::::::*
	cpe:2.3:h:hp:envy_111_cq810a:-:::::::*
	cpe:2.3:h:hp:envy_114_cq811a:-:::::::*
	cpe:2.3:h:hp:envy_114_cq811b:-:::::::*
	cpe:2.3:h:hp:envy_114_cq812a:-:::::::*
	cpe:2.3:h:hp:envy_120_cz022a:-:::::::*
	cpe:2.3:h:hp:envy_120_cz022b:-:::::::*
	cpe:2.3:h:hp:envy_120_cz022c:-:::::::*
	cpe:2.3:h:hp:envy_4500_a9t80a:-:::::::*
	cpe:2.3:h:hp:envy_4500_a9t80b:-:::::::*
	cpe:2.3:h:hp:envy_4500_a9t89a:-:::::::*
	cpe:2.3:h:hp:envy_4500_d3p93a:-:::::::*
	cpe:2.3:h:hp:envy_4501_c8d05a:-:::::::*
	cpe:2.3:h:hp:envy_4502_a9t85a:-:::::::*
	cpe:2.3:h:hp:envy_4502_a9t87b:-:::::::*
	cpe:2.3:h:hp:envy_4503_e6g71b:-:::::::*
	cpe:2.3:h:hp:envy_4504_a9t88b:-:::::::*
	cpe:2.3:h:hp:envy_4504_c8d04a:-:::::::*
	cpe:2.3:h:hp:envy_4505_a9t86a:-:::::::*
	cpe:2.3:h:hp:envy_4507_e6g70b:-:::::::*
	cpe:2.3:h:hp:envy_4508_e6g72b:-:::::::*
	cpe:2.3:h:hp:envy_4509_d3p94a:-:::::::*
	cpe:2.3:h:hp:envy_4509_d3p94b:-:::::::*
	cpe:2.3:h:hp:envy_4511_k9h50a:-:::::::*
	cpe:2.3:h:hp:envy_4512_k9h49a:-:::::::*
	cpe:2.3:h:hp:envy_4513_k9h51a:-:::::::*
	cpe:2.3:h:hp:envy_4516_k9h52a:-:::::::*
	cpe:2.3:h:hp:envy_4520_e6g67a:-:::::::*
	cpe:2.3:h:hp:envy_4520_e6g67b:-:::::::*
cpe:2.3:h:hp:envy_4520_f0v63a:-:::::::*
cpe:2.3:h:hp:envy_4520_f0v63b:-:::::::*
cpe:2.3:h:hp:envy_4520_f0v69a:-:::::::*
cpe:2.3:h:hp:envy_4521_k9t10b:-:::::::*
cpe:2.3:h:hp:envy_4522_f0v67a:-:::::::*
cpe:2.3:h:hp:envy_4523_j6u60b:-:::::::*
cpe:2.3:h:hp:envy_4524_f0v71b:-:::::::*
cpe:2.3:h:hp:envy_4524_f0v72b:-:::::::*
cpe:2.3:h:hp:envy_4524_k9t01a:-:::::::*
cpe:2.3:h:hp:envy_4525_k9t09b:-:::::::*
cpe:2.3:h:hp:envy_4526_k9t05b:-:::::::*
cpe:2.3:h:hp:envy_4527_j6u61b:-:::::::*
cpe:2.3:h:hp:envy_4528_k9t08b:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u85a:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u85b:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u91a::::::::
cpe:2.3:h:hp:envy_5000_m2u91a:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u94b:-:::::::*
cpe:2.3:h:hp:envy_5000_z4a54a:-:::::::*
cpe:2.3:h:hp:envy_5000_z4a74a:-:::::::*
cpe:2.3:h:hp:envy_5020_m2u91b:-:::::::*
cpe:2.3:h:hp:envy_5530:-:::::::*
cpe:2.3:h:hp:envy_5531:-:::::::*
cpe:2.3:h:hp:envy_5532:-:::::::*
cpe:2.3:h:hp:envy_5534:-:::::::*
cpe:2.3:h:hp:envy_5535:-:::::::*
cpe:2.3:h:hp:envy_5536:-:::::::*
cpe:2.3:h:hp:envy_5539:-:::::::*
cpe:2.3:h:hp:envy_5540_f2e72a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v47a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v51a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v52a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v53a:-:::::::*
cpe:2.3:h:hp:envy_5540_k7c85a:-:::::::*
cpe:2.3:h:hp:envy_5541_k7g89a:-:::::::*
cpe:2.3:h:hp:envy_5542_k7c88a:-:::::::*
cpe:2.3:h:hp:envy_5543_n9u88a:-:::::::*
cpe:2.3:h:hp:envy_5544_k7c89a:-:::::::*
cpe:2.3:h:hp:envy_5544_k7c93a:-:::::::*
cpe:2.3:h:hp:envy_5545_g0v50a:-:::::::*
cpe:2.3:h:hp:envy_5546_k7c90a:-:::::::*
cpe:2.3:h:hp:envy_5547_j6u64a:-:::::::*
cpe:2.3:h:hp:envy_5548_k7g87a:-:::::::*
cpe:2.3:h:hp:envy_5640_b9s56a:-:::::::*
cpe:2.3:h:hp:envy_5640_b9s58a:-:::::::*
cpe:2.3:h:hp:envy_5642_b9s64a:-:::::::*
cpe:2.3:h:hp:envy_5643_b9s63a:-:::::::*
cpe:2.3:h:hp:envy_5644_b9s65a:-:::::::*
cpe:2.3:h:hp:envy_5646_f8b05a:-:::::::*
cpe:2.3:h:hp:envy_5664_f8b08a:-:::::::*
cpe:2.3:h:hp:envy_5665_f8b06a:-:::::::*
cpe:2.3:h:hp:envy_6020_5se16b:-:::::::*
cpe:2.3:h:hp:envy_6020_5se17a:-:::::::*
cpe:2.3:h:hp:envy_6020_6wd35a:-:::::::*
cpe:2.3:h:hp:envy_6020_7cz37a:-:::::::*
cpe:2.3:h:hp:envy_6052_5se18a:-:::::::*
cpe:2.3:h:hp:envy_6055_5se16a:-:::::::*
cpe:2.3:h:hp:envy_6540_b9s59a:-:::::::*
cpe:2.3:h:hp:envy_7640:-:::::::*
cpe:2.3:h:hp:envy_7644_e4w46a:-:::::::*
cpe:2.3:h:hp:envy_7645_e4w44a:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:::::::*
cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:::::::*
cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:::::::*
cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:::::::*
cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:::::::*
cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:::::::*
cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:::::::*
cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:::::::*
cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:::::::*
cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:::::::*
cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:::::::*
cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:::::::*
cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:::::::*
cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:::::::*
cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_5se45b:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_5se46a:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:::::::*
cpe:2.3:h:hp:envy_pro_6452_5se47a:-:::::::*
cpe:2.3:h:hp:envy_pro_6455_5se45a:-:::::::*
cpe:2.3:h:hp:officejet_4650_e6g87a:-:::::::*
cpe:2.3:h:hp:officejet_4650_f1h96a:-:::::::*
cpe:2.3:h:hp:officejet_4650_f1h96b:-:::::::*
cpe:2.3:h:hp:officejet_4652_f1j02a:-:::::::*
cpe:2.3:h:hp:officejet_4652_f1j05b:-:::::::*
cpe:2.3:h:hp:officejet_4652_k9v84b:-:::::::*
cpe:2.3:h:hp:officejet_4654_f1j06b:-:::::::*
cpe:2.3:h:hp:officejet_4654_f1j07b:-:::::::*
cpe:2.3:h:hp:officejet_4655_f1j00a:-:::::::*
cpe:2.3:h:hp:officejet_4655_k9v79a:-:::::::*
cpe:2.3:h:hp:officejet_4655_k9v82b:-:::::::*
cpe:2.3:h:hp:officejet_4656_k9v81b:-:::::::*
cpe:2.3:h:hp:officejet_4657_v6d29b:-:::::::*
cpe:2.3:h:hp:officejet_4658_v6d30b:-:::::::*

Configuration 11 [-]

OR	cpe:2.3:h:huawei:hg255s:-:::::::*
	cpe:2.3:h:huawei:hg532e:-:::::::*

Configuration 12 [-]

cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*

Configuration 13 [-]

cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*

Configuration 14 [-]

cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*

Configuration 15 [-]

cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*

Configuration 16 [-]

cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*

Configuration 17 [-]

OR	cpe:2.3:h:zyxel:amg1202-t10b:-:::::::*
	cpe:2.3:h:zyxel:vmg8324-b10a:-:::::::*

Configuration 18 [-]

OR	cpe:2.3:o:microsoft:windows_10:-:::::::*
	cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:::::::*

Configuration 19 [-]

OR	cpe:2.3:o:fedoraproject:fedora:31:::::::*
	cpe:2.3:o:fedoraproject:fedora:32:::::::*

Configuration 20 [-]

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 21 [-]

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
gssdp-0:1.0.5-1.el8	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:1789	2021-05-18T00:00:00Z
gupnp-0:1.0.6-1.el8	cpe:/a:redhat:enterprise_linux:8	RHSA-2021:1789	2021-05-18T00:00:00Z

No data.

Advisories

Source	ID	Title
Debian DLA	DLA-2315-1	gupnp security update
Debian DLA	DLA-2318-1	wpa security update
Debian DLA	DLA-2489-1	minidlna security update
Debian DSA	DSA-4806-1	minidlna security update
Debian DSA	DSA-4898-1	wpa security update
Ubuntu USN	USN-4494-1	GUPnP vulnerability
Ubuntu USN	USN-4722-1	ReadyMedia (MiniDLNA) vulnerabilities
Ubuntu USN	USN-4734-1	wpa_supplicant and hostapd vulnerabilities
Ubuntu USN	USN-4734-2	wpa_supplicant and hostapd vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html
http://www.openwall.com/lists/oss-security/2020/06/08/2
https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/
https://github.com/corelight/callstranger-detector
https://github.com/yunuscadirci/CallStranger
https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html
https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html
https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/
https://nvd.nist.gov/vuln/detail/CVE-2020-12695
https://usn.ubuntu.com/4494-1/
https://www.callstranger.com
https://www.cve.org/CVERecord?id=CVE-2020-12695
https://www.debian.org/security/2020/dsa-4806
https://www.debian.org/security/2021/dsa-4898
https://www.kb.cert.org/vuls/id/339275
https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-06-08T16:45:04

Updated: 2024-08-04T12:04:22.578Z

Reserved: 2020-05-07T00:00:00

Link: CVE-2020-12695

Vulnrichment

No data.

NVD

Status : Modified

Published: 2020-06-08T17:15:09.973

Modified: 2024-11-21T05:00:05.367

Link: CVE-2020-12695

Redhat

Severity : Moderate

Publid Date: 2020-06-08T00:00:00Z

Links: CVE-2020-12695 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact None

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object