by CIRT Team
CVE-2020-12695 : Data Exfiltration & Reflected Amplified TCP DDOS & Port Scan
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. What is UPnP? Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and...
Read More