Show filters

Showing topic results for "CVE-2020-12695":

(1-1 of 1)

Sort by:
Attacker Value
Low

CVE-2020-12695 "CallStranger"

Disclosure Date: June 08, 2020 (last updated July 04, 2020)
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Attack Vector: Network
1