CVE-CVE-2020-12695 | HIGH Severity | CVEDatabase.com

Description

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H
Attack Vector: network
Complexity: high
Privileges: none
User Action: none
Scope: changed
Confidentiality: low
Integrity: none
Availability: high
Weaknesses: CWE-276

Metadata

Primary Vendor: UI
Published: 6/8/2020
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

ui : unifi_controllerw1.fi : hostapdasus : rt-n11broadcom : adslcanon : selphy_cp1200cisco : wap131cisco : wap150cisco : wap351dlink : dvg-n5412spdell : b1165nfwepson : ep-101epson : ew-m970a3tepson : m571tepson : xp-100epson : xp-2101epson : xp-2105epson : xp-241epson : xp-320epson : xp-330epson : xp-340epson : xp-4100epson : xp-4105epson : xp-440epson : xp-620epson : xp-630epson : xp-702epson : xp-8500epson : xp-8600epson : xp-960epson : xp-970hp : 5020_z4a69ahp : 5030_m2u92bhp : 5030_z4a70ahp : 5034_z4a74ahp : 5660_f8b04ahp : deskjet_ink_advantage_3456_a9t84chp : deskjet_ink_advantage_3545_a9t81ahp : deskjet_ink_advantage_3545_a9t81chp : deskjet_ink_advantage_3545_a9t83bhp : deskjet_ink_advantage_3546_a9t82ahp : deskjet_ink_advantage_3548_a9t81bhp : deskjet_ink_advantage_4515hp : deskjet_ink_advantage_4518hp : deskjet_ink_advantage_4535_f0v64ahp : deskjet_ink_advantage_4535_f0v64bhp : deskjet_ink_advantage_4535_f0v64chp : deskjet_ink_advantage_4536_f0v65ahp : deskjet_ink_advantage_4538_f0v66bhp : deskjet_ink_advantage_4675_f1h97ahp : deskjet_ink_advantage_4675_f1h97bhp : deskjet_ink_advantage_4675_f1h97chp : deskjet_ink_advantage_4676_f1h98ahp : deskjet_ink_advantage_4678_f1h99bhp : deskjet_ink_advantage_5575_g0v48bhp : deskjet_ink_advantage_5575_g0v48chp : envy_100_cn517ahp : envy_100_cn517bhp : envy_100_cn517chp : envy_100_cn518ahp : envy_100_cn519ahp : envy_100_cn519bhp : envy_110_cq809ahp : envy_110_cq809bhp : envy_110_cq809chp : envy_110_cq809dhp : envy_110_cq812chp : envy_111_cq810ahp : envy_114_cq811ahp : envy_114_cq811bhp : envy_114_cq812ahp : envy_120_cz022ahp : envy_120_cz022bhp : envy_120_cz022chp : envy_4500_a9t80ahp : envy_4500_a9t80bhp : envy_4500_a9t89ahp : envy_4500_d3p93ahp : envy_4501_c8d05ahp : envy_4502_a9t85ahp : envy_4502_a9t87bhp : envy_4503_e6g71bhp : envy_4504_a9t88bhp : envy_4504_c8d04ahp : envy_4505_a9t86ahp : envy_4507_e6g70bhp : envy_4508_e6g72bhp : envy_4509_d3p94ahp : envy_4509_d3p94bhp : envy_4511_k9h50ahp : envy_4512_k9h49ahp : envy_4513_k9h51ahp : envy_4516_k9h52ahp : envy_4520_e6g67ahp : envy_4520_e6g67bhp : envy_4520_f0v63ahp : envy_4520_f0v63bhp : envy_4520_f0v69ahp : envy_4521_k9t10bhp : envy_4522_f0v67ahp : envy_4523_j6u60bhp : envy_4524_f0v71bhp : envy_4524_f0v72bhp : envy_4524_k9t01ahp : envy_4525_k9t09bhp : envy_4526_k9t05bhp : envy_4527_j6u61bhp : envy_4528_k9t08bhp : envy_5000_m2u85ahp : envy_5000_m2u85bhp : envy_5000_m2u91ahp : envy_5000_m2u91ahp : envy_5000_m2u94bhp : envy_5000_z4a54ahp : envy_5000_z4a74ahp : envy_5020_m2u91bhp : envy_5530hp : envy_5531hp : envy_5532hp : envy_5534hp : envy_5535hp : envy_5536hp : envy_5539hp : envy_5540_f2e72ahp : envy_5540_g0v47ahp : envy_5540_g0v51ahp : envy_5540_g0v52ahp : envy_5540_g0v53ahp : envy_5540_k7c85ahp : envy_5541_k7g89ahp : envy_5542_k7c88ahp : envy_5543_n9u88ahp : envy_5544_k7c89ahp : envy_5544_k7c93ahp : envy_5545_g0v50ahp : envy_5546_k7c90ahp : envy_5547_j6u64ahp : envy_5548_k7g87ahp : envy_5640_b9s56ahp : envy_5640_b9s58ahp : envy_5642_b9s64ahp : envy_5643_b9s63ahp : envy_5644_b9s65ahp : envy_5646_f8b05ahp : envy_5664_f8b08ahp : envy_5665_f8b06ahp : envy_6020_5se16bhp : envy_6020_5se17ahp : envy_6020_6wd35ahp : envy_6020_7cz37ahp : envy_6052_5se18ahp : envy_6055_5se16ahp : envy_6540_b9s59ahp : envy_7640hp : envy_7644_e4w46ahp : envy_7645_e4w44ahp : envy_photo_6200_k7g18ahp : envy_photo_6200_k7g26bhp : envy_photo_6200_k7s21bhp : envy_photo_6200_y0k13d_hp : envy_photo_6200_y0k15ahp : envy_photo_6220_k7g20dhp : envy_photo_6220_k7g21bhp : envy_photo_6222_y0k13dhp : envy_photo_6222_y0k14dhp : envy_photo_6230_k7g25bhp : envy_photo_6232_k7g26bhp : envy_photo_6234_k7s21bhp : envy_photo_6252_k7g22ahp : envy_photo_7100_3xd89ahp : envy_photo_7100_k7g93ahp : envy_photo_7100_k7g99ahp : envy_photo_7100_z3m37ahp : envy_photo_7100_z3m52ahp : envy_photo_7120_z3m41dhp : envy_photo_7155_z3m52ahp : envy_photo_7164_k7g99ahp : envy_photo_7800_k7r96ahp : envy_photo_7800_k7s00ahp : envy_photo_7800_k7s10dhp : envy_photo_7800_y0g42dhp : envy_photo_7800_y0g52bhp : envy_photo_7822_y0g42dhp : envy_photo_7822_y0g43dhp : envy_photo_7830_y0g50bhp : envy_pro_6420_5se45bhp : envy_pro_6420_5se46ahp : envy_pro_6420_6wd14ahp : envy_pro_6420_6wd16ahp : envy_pro_6452_5se47ahp : envy_pro_6455_5se45ahp : officejet_4650_e6g87ahp : officejet_4650_f1h96ahp : officejet_4650_f1h96bhp : officejet_4652_f1j02ahp : officejet_4652_f1j05bhp : officejet_4652_k9v84bhp : officejet_4654_f1j06bhp : officejet_4654_f1j07bhp : officejet_4655_f1j00ahp : officejet_4655_k9v79ahp : officejet_4655_k9v82bhp : officejet_4656_k9v81bhp : officejet_4657_v6d29bhp : officejet_4658_v6d30bhuawei : hg255shuawei : hg532enec : wr8165nnetgear : wnhde111ruckussecurity : zonedirector_1200tp-link : archer_c50zte : zxv10_w300zyxel : amg1202-t10bzyxel : vmg8324-b10amicrosoft : windows_10microsoft : xbox_onefedoraproject : fedorafedoraproject : fedoradebian : debian_linuxdebian : debian_linuxcanonical : ubuntu_linux

AI-Powered Remediation

Generate remediation guidance or a C-suite brief for this vulnerability.

Executive Intelligence Brief

View on NIST NVD