CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
References
Link Resource
http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2020/06/08/2 Mailing List Third Party Advisory
https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ Third Party Advisory
https://github.com/corelight/callstranger-detector Third Party Advisory
https://github.com/yunuscadirci/CallStranger Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ Mailing List Third Party Advisory
https://usn.ubuntu.com/4494-1/ Third Party Advisory
https://www.callstranger.com Broken Link
https://www.debian.org/security/2020/dsa-4806 Third Party Advisory
https://www.debian.org/security/2021/dsa-4898 Third Party Advisory
https://www.kb.cert.org/vuls/id/339275 Third Party Advisory US Government Resource
https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of Third Party Advisory
http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2020/06/08/2 Mailing List Third Party Advisory
https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ Third Party Advisory
https://github.com/corelight/callstranger-detector Third Party Advisory
https://github.com/yunuscadirci/CallStranger Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ Mailing List Third Party Advisory
https://usn.ubuntu.com/4494-1/ Third Party Advisory
https://www.callstranger.com Broken Link
https://www.debian.org/security/2020/dsa-4806 Third Party Advisory
https://www.debian.org/security/2021/dsa-4898 Third Party Advisory
https://www.kb.cert.org/vuls/id/339275 Third Party Advisory US Government Resource
https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*

Configuration 6 (hide)

OR cpe:2.3:h:cisco:wap131:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap150:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:wap351:-:*:*:*:*:*:*:*

Configuration 7 (hide)

cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*

Configuration 8 (hide)

cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*

Configuration 9 (hide)

OR cpe:2.3:h:epson:ep-101:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:ew-m970a3t:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:m571t:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-100:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-2101:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-2105:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-241:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-320:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-330:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-340:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-4100:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-4105:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-440:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-620:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-630:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-702:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-8500:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-8600:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-960:-:*:*:*:*:*:*:*
cpe:2.3:h:epson:xp-970:-:*:*:*:*:*:*:*

Configuration 10 (hide)

OR cpe:2.3:h:hp:5020_z4a69a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:5030_m2u92b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:5030_z4a70a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:5034_z4a74a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:5660_f8b04a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_100_cn517a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_100_cn517b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_100_cn517c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_100_cn518a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_100_cn519a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_100_cn519b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_110_cq809a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_110_cq809b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_110_cq809c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_110_cq809d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_110_cq812c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_111_cq810a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_114_cq811a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_114_cq811b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_114_cq812a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_120_cz022a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_120_cz022b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_120_cz022c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4500_a9t80a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4500_a9t80b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4500_a9t89a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4500_d3p93a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4501_c8d05a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4502_a9t85a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4502_a9t87b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4503_e6g71b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4504_a9t88b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4504_c8d04a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4505_a9t86a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4507_e6g70b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4508_e6g72b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4509_d3p94a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4509_d3p94b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4511_k9h50a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4512_k9h49a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4513_k9h51a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4516_k9h52a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4520_e6g67a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4520_e6g67b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4520_f0v63a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4520_f0v63b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4520_f0v69a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4521_k9t10b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4522_f0v67a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4523_j6u60b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4524_f0v71b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4524_f0v72b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4524_k9t01a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4525_k9t09b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4526_k9t05b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4527_j6u61b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_4528_k9t08b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5000_m2u85a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5000_m2u85b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5000_m2u91a:*:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5000_m2u91a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5000_m2u94b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5000_z4a54a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5000_z4a74a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5020_m2u91b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5530:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5531:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5532:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5534:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5535:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5536:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5539:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5540_f2e72a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5540_g0v47a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5540_g0v51a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5540_g0v52a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5540_g0v53a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5540_k7c85a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5541_k7g89a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5542_k7c88a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5543_n9u88a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5544_k7c89a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5544_k7c93a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5545_g0v50a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5546_k7c90a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5547_j6u64a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5548_k7g87a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5640_b9s56a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5640_b9s58a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5642_b9s64a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5643_b9s63a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5644_b9s65a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5646_f8b05a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5664_f8b08a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_5665_f8b06a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_6020_5se16b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_6020_5se17a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_6020_6wd35a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_6020_7cz37a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_6052_5se18a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_6055_5se16a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_6540_b9s59a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_7640:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_7644_e4w46a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_7645_e4w44a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_pro_6420_5se45b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_pro_6420_5se46a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_pro_6452_5se47a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:envy_pro_6455_5se45a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4650_e6g87a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4650_f1h96a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4650_f1h96b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4652_f1j02a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4652_f1j05b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4652_k9v84b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4654_f1j06b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4654_f1j07b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4655_f1j00a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4655_k9v79a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4655_k9v82b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4656_k9v81b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4657_v6d29b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:officejet_4658_v6d30b:-:*:*:*:*:*:*:*

Configuration 11 (hide)

OR cpe:2.3:h:huawei:hg255s:-:*:*:*:*:*:*:*
cpe:2.3:h:huawei:hg532e:-:*:*:*:*:*:*:*

Configuration 12 (hide)

cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*

Configuration 13 (hide)

cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*

Configuration 14 (hide)

cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*

Configuration 15 (hide)

cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*

Configuration 16 (hide)

cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*

Configuration 17 (hide)

OR cpe:2.3:h:zyxel:amg1202-t10b:-:*:*:*:*:*:*:*
cpe:2.3:h:zyxel:vmg8324-b10a:-:*:*:*:*:*:*:*

Configuration 18 (hide)

OR cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:*:*:*:*:*:*:*

Configuration 19 (hide)

OR cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*

Configuration 20 (hide)

OR cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration 21 (hide)

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

History

21 Nov 2024, 05:00

Type Values Removed Values Added
References () http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html - Third Party Advisory, VDB Entry () http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html - Third Party Advisory, VDB Entry
References () http://www.openwall.com/lists/oss-security/2020/06/08/2 - Mailing List, Third Party Advisory () http://www.openwall.com/lists/oss-security/2020/06/08/2 - Mailing List, Third Party Advisory
References () https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ - Third Party Advisory () https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ - Third Party Advisory
References () https://github.com/corelight/callstranger-detector - Third Party Advisory () https://github.com/corelight/callstranger-detector - Third Party Advisory
References () https://github.com/yunuscadirci/CallStranger - Third Party Advisory () https://github.com/yunuscadirci/CallStranger - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html - Third Party Advisory () https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html - Third Party Advisory () https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html - Third Party Advisory () https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html - Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ - Mailing List, Third Party Advisory () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ - Mailing List, Third Party Advisory () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ - Mailing List, Third Party Advisory () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ - Mailing List, Third Party Advisory
References () https://usn.ubuntu.com/4494-1/ - Third Party Advisory () https://usn.ubuntu.com/4494-1/ - Third Party Advisory
References () https://www.callstranger.com - Broken Link () https://www.callstranger.com - Broken Link
References () https://www.debian.org/security/2020/dsa-4806 - Third Party Advisory () https://www.debian.org/security/2020/dsa-4806 - Third Party Advisory
References () https://www.debian.org/security/2021/dsa-4898 - Third Party Advisory () https://www.debian.org/security/2021/dsa-4898 - Third Party Advisory
References () https://www.kb.cert.org/vuls/id/339275 - Third Party Advisory, US Government Resource () https://www.kb.cert.org/vuls/id/339275 - Third Party Advisory, US Government Resource
References () https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of - Third Party Advisory () https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of - Third Party Advisory

08 Apr 2024, 22:50

Type Values Removed Values Added
CPE cpe:2.3:h:hp:hp_officejet_4652_k9v84b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4511_k9h50a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4523_j6u60b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4675_f1h97c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4678_f1h99b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4650_f1h96b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4521_k9t10b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4528_k9t08b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4535_f0v64a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4526_k9t05b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4675_f1h97b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4520_f0v69a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4522_f0v67a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4675_f1h97a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4655_f1j00a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4655_k9v82b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4513_k9h51a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4536_f0v65a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4655_k9v79a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4516_k9h52a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4652_f1j05b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4654_f1j07b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4650_f1h96a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4524_k9t01a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4676_f1h98a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4520_f0v63a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4525_k9t09b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4656_k9v81b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4652_f1j02a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4524_f0v72b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4512_k9h49a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4520_e6g67a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4520_e6g67b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4520_f0v63b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4654_f1j06b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4657_v6d29b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4535_f0v64b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4650_e6g87a:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4524_f0v71b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4538_f0v66b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_envy_4527_j6u61b:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_deskjet_ink_advantage_4535_f0v64c:-:*:*:*:*:*:*:*
cpe:2.3:h:hp:hp_officejet_4658_v6d30b:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
References () https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ - () https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ - Third Party Advisory
References () https://github.com/corelight/callstranger-detector - () https://github.com/corelight/callstranger-detector - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html - () https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html - () https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html - Third Party Advisory
References () https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html - () https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html - Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ - Mailing List, Third Party Advisory
References () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ - () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ - Mailing List, Third Party Advisory
References () https://usn.ubuntu.com/4494-1/ - () https://usn.ubuntu.com/4494-1/ - Third Party Advisory
References () https://www.callstranger.com - Third Party Advisory () https://www.callstranger.com - Broken Link
References () https://www.debian.org/security/2020/dsa-4806 - () https://www.debian.org/security/2020/dsa-4806 - Third Party Advisory
References () https://www.debian.org/security/2021/dsa-4898 - () https://www.debian.org/security/2021/dsa-4898 - Third Party Advisory
First Time Canonical
Debian debian Linux
Fedoraproject fedora
Fedoraproject
Debian
Canonical ubuntu Linux

07 Nov 2023, 03:15

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/', 'name': 'FEDORA-2020-e538e3e526', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/', 'name': 'FEDORA-2020-df3e1cfde9', 'tags': [], 'refsource': 'FEDORA'}
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/', 'name': 'FEDORA-2020-1f7fc0d0c9', 'tags': [], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ -
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ -

Information

Published : 2020-06-08 17:15

Updated : 2024-11-21 05:00


NVD link : CVE-2020-12695

Mitre link : CVE-2020-12695

CVE.ORG link : CVE-2020-12695


JSON object : View

Products Affected

hp

  • envy_4520_f0v69a
  • envy_5646_f8b05a
  • envy_5643_b9s63a
  • deskjet_ink_advantage_5575_g0v48b
  • envy_4501_c8d05a
  • envy_5540_g0v51a
  • envy_5544_k7c93a
  • envy_5000_m2u85a
  • envy_photo_7800_k7r96a
  • officejet_4654_f1j06b
  • envy_photo_6200_y0k13d_
  • envy_photo_6222_y0k13d
  • envy_4524_f0v71b
  • envy_5545_g0v50a
  • envy_110_cq812c
  • envy_5536
  • envy_5540_g0v47a
  • envy_5544_k7c89a
  • envy_110_cq809c
  • envy_4504_a9t88b
  • envy_4500_a9t80a
  • envy_5540_g0v52a
  • envy_7644_e4w46a
  • deskjet_ink_advantage_4675_f1h97a
  • envy_4522_f0v67a
  • envy_6020_5se17a
  • envy_6020_5se16b
  • deskjet_ink_advantage_4535_f0v64c
  • envy_5640_b9s56a
  • envy_5547_j6u64a
  • envy_4520_f0v63b
  • 5030_m2u92b
  • envy_4511_k9h50a
  • officejet_4655_k9v82b
  • officejet_4657_v6d29b
  • envy_photo_7164_k7g99a
  • envy_4503_e6g71b
  • envy_5000_m2u91a
  • envy_4516_k9h52a
  • deskjet_ink_advantage_3545_a9t81c
  • envy_4526_k9t05b
  • envy_pro_6455_5se45a
  • envy_5546_k7c90a
  • envy_5543_n9u88a
  • 5020_z4a69a
  • envy_photo_6220_k7g21b
  • envy_4520_e6g67b
  • envy_4528_k9t08b
  • envy_photo_7100_k7g93a
  • envy_photo_6222_y0k14d
  • envy_6540_b9s59a
  • envy_7645_e4w44a
  • envy_6055_5se16a
  • envy_4512_k9h49a
  • envy_pro_6452_5se47a
  • envy_5534
  • envy_7640
  • envy_photo_6232_k7g26b
  • envy_4500_d3p93a
  • envy_pro_6420_6wd16a
  • envy_5644_b9s65a
  • envy_photo_7822_y0g42d
  • deskjet_ink_advantage_4518
  • officejet_4652_f1j05b
  • envy_photo_7800_k7s00a
  • envy_100_cn518a
  • envy_5539
  • envy_photo_7800_y0g42d
  • envy_4504_c8d04a
  • envy_5000_m2u85b
  • envy_120_cz022b
  • envy_4505_a9t86a
  • envy_5548_k7g87a
  • envy_pro_6420_5se46a
  • envy_6020_7cz37a
  • envy_5000_z4a54a
  • deskjet_ink_advantage_4536_f0v65a
  • envy_4509_d3p94a
  • deskjet_ink_advantage_3546_a9t82a
  • envy_pro_6420_6wd14a
  • envy_photo_7120_z3m41d
  • officejet_4654_f1j07b
  • envy_5640_b9s58a
  • deskjet_ink_advantage_4535_f0v64a
  • deskjet_ink_advantage_3548_a9t81b
  • envy_4524_k9t01a
  • envy_5665_f8b06a
  • 5034_z4a74a
  • envy_photo_7155_z3m52a
  • 5660_f8b04a
  • envy_5531
  • envy_photo_7100_z3m37a
  • deskjet_ink_advantage_4676_f1h98a
  • deskjet_ink_advantage_4678_f1h99b
  • envy_photo_7100_k7g99a
  • officejet_4655_f1j00a
  • envy_5020_m2u91b
  • envy_114_cq812a
  • envy_photo_7800_k7s10d
  • envy_4502_a9t87b
  • envy_4524_f0v72b
  • officejet_4656_k9v81b
  • envy_photo_6200_y0k15a
  • deskjet_ink_advantage_4535_f0v64b
  • envy_4520_e6g67a
  • officejet_4650_f1h96b
  • envy_5540_f2e72a
  • envy_photo_6220_k7g20d
  • envy_photo_6230_k7g25b
  • envy_5542_k7c88a
  • envy_4500_a9t80b
  • envy_120_cz022c
  • envy_4508_e6g72b
  • envy_4509_d3p94b
  • envy_4527_j6u61b
  • envy_5642_b9s64a
  • envy_6052_5se18a
  • envy_110_cq809b
  • envy_photo_7800_y0g52b
  • envy_photo_6234_k7s21b
  • envy_4525_k9t09b
  • envy_4523_j6u60b
  • deskjet_ink_advantage_4675_f1h97b
  • envy_100_cn517a
  • envy_100_cn519b
  • envy_5664_f8b08a
  • envy_photo_7830_y0g50b
  • envy_100_cn519a
  • envy_5532
  • envy_114_cq811a
  • 5030_z4a70a
  • envy_5000_z4a74a
  • envy_photo_6200_k7g26b
  • envy_4513_k9h51a
  • envy_110_cq809d
  • envy_5541_k7g89a
  • envy_100_cn517b
  • envy_100_cn517c
  • officejet_4652_k9v84b
  • officejet_4650_e6g87a
  • deskjet_ink_advantage_3545_a9t81a
  • deskjet_ink_advantage_3545_a9t83b
  • envy_6020_6wd35a
  • envy_photo_7822_y0g43d
  • envy_4500_a9t89a
  • envy_photo_6200_k7s21b
  • officejet_4655_k9v79a
  • envy_4507_e6g70b
  • deskjet_ink_advantage_4515
  • envy_5000_m2u94b
  • envy_4520_f0v63a
  • envy_photo_6252_k7g22a
  • envy_pro_6420_5se45b
  • officejet_4658_v6d30b
  • officejet_4652_f1j02a
  • envy_5530
  • envy_5535
  • envy_photo_6200_k7g18a
  • envy_114_cq811b
  • envy_111_cq810a
  • officejet_4650_f1h96a
  • deskjet_ink_advantage_4675_f1h97c
  • deskjet_ink_advantage_5575_g0v48c
  • envy_110_cq809a
  • deskjet_ink_advantage_3456_a9t84c
  • envy_5540_g0v53a
  • envy_120_cz022a
  • envy_photo_7100_z3m52a
  • envy_4521_k9t10b
  • envy_5540_k7c85a
  • envy_photo_7100_3xd89a
  • envy_4502_a9t85a
  • deskjet_ink_advantage_4538_f0v66b

zte

  • zxv10_w300

ui

  • unifi_controller

dell

  • b1165nfw

epson

  • xp-2105
  • xp-8500
  • ep-101
  • xp-702
  • xp-970
  • m571t
  • xp-620
  • xp-4105
  • xp-340
  • xp-630
  • xp-8600
  • ew-m970a3t
  • xp-100
  • xp-960
  • xp-4100
  • xp-241
  • xp-2101
  • xp-320
  • xp-440
  • xp-330

debian

  • debian_linux

cisco

  • wap150
  • wap131
  • wap351

ruckussecurity

  • zonedirector_1200

microsoft

  • xbox_one
  • windows_10

w1.fi

  • hostapd

canon

  • selphy_cp1200

huawei

  • hg255s
  • hg532e

zyxel

  • amg1202-t10b
  • vmg8324-b10a

asus

  • rt-n11

dlink

  • dvg-n5412sp

tp-link

  • archer_c50

broadcom

  • adsl

fedoraproject

  • fedora

netgear

  • wnhde111

nec

  • wr8165n

canonical

  • ubuntu_linux
CWE
CWE-276

Incorrect Default Permissions