CERT VU:339275
History: Jun 08, 2020 - 12:00 a.m.

Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations

2020-06-08 00:00:00
www.kb.cert.org

CVSS3: 7.5 High

Attack Vector: NETWORK
Attack Complexity: HIGH
Privileges Required: NONE
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: LOW
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H

CVSS2: 7.8 High

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: NONE
Availability Impact: COMPLETE

AV:N/AC:M/Au:N/C:P/I:N/A:C

EPSS: 0.005 Low
Percentile: 77.2%

Overview

The Universal Plug and Play (UPnP) protocol in effect prior to April 17, 2020 can be abused to send traffic to arbitrary destinations using the SUBSCRIBE functionality.

Description

The UPnP protocol, as specified by the Open Connectivity Foundation (OCF), is designed to provide automatic discovery and interaction with devices on a network. The UPnP protocol is designed to be used in a trusted local area network (LAN) and the protocol does not implement any form of authentication or verification.

Many common Internet-connected devices support UPnP, as noted in previous research from Daniel Garcia (VU#357851) and Rapid7. Garcia presented at DEFCON 2019 and published a scanning and portmapping tool. The UPnP Device Protection service was not widely adopted.

A vulnerability in the UPnP SUBSCRIBE capability permits an attacker to send large amounts of data to arbitrary destinations accessible over the Internet, which could lead to a Distributed Denial of Service (DDoS), data exfiltration, and other unexpected network behavior. The OCF has updated the UPnP specification to address this issue. This vulnerability has been assigned CVE-2020-12695 and is also known as Call Stranger.

Although offering UPnP services on the Internet is generally considered to be a misconfiguration, a number of devices are still available over the Internet according to a recent Shodan scan.

Impact

A remote, unauthenticated attacker may be able to abuse the UPnP SUBSCRIBE capability to send traffic to arbitrary destinations, leading to amplified DDoS attacks and data exfiltration. In general, making UPnP available over the Internet can expose further security vulnerabilities beyond the one described in this vulnerability note.

Solution

Affected devices

A number of devices have been identified as vulnerable by the security researcher and are listed on the CallStranger website. There is more information on affected devices in Tenable’s blog on CVE-2020-12695.

Apply updates

Vendors are urged to implement the updated specification provided by the OCF… Users should monitor vendor support channels for updates that implement the new SUBSCRIBE specification.

Disable or Restrict UPnP

Disable the UPnP protocol on Internet-accessible interfaces. Device manufacturers are urged to disable the UPnP SUBSCRIBE capability in their default configuration and to require users to explicitly enable SUBSCRIBE with any appropriate network restrictions to limit its usage to a trusted local area network.

IDS Signature

This Suricata IDS rule looks for any HTTP SUBSCRIBE request to what is likely to be an external network (i.e., not RFC1918 and RFC4193 addresses). Network administrators and ISPs can deploy this signature at the Internet access point to detect any anomalous SUBSCRIBE requests reaching their users.

alert http any any -> ![fd00::/8,192.168.0.0/16,10.0.0.0/8,172.16.0.0/12] any (msg:"UPnP SUBSCRIBE request seen to external network VU#339275: CVE-2020-12695 https://kb.cert.org "; content: "subscribe"; nocase; http_method; sid:1367339275;)
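The rule's matching logic replayed over constructed requests, as an added example that is not part of the CERT note (function names and sample traffic are made up here). It shows which destinations the rule's address list treats as external, including link-local addresses the list does not exclude, and that a case-insensitive substring match on the method also fires on UNSUBSCRIBE.

```python
import ipaddress

# Networks copied from the rule's negated destination group.
RULE_INTERNAL_NETS = tuple(
    ipaddress.ip_network(n)
    for n in ("fd00::/8", "192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12")
)


def is_external(dst):
    """Return True when dst is outside every network the rule excludes."""
    addr = ipaddress.ip_address(dst)
    # Assumption of this sketch: an IPv4-mapped IPv6 address is judged by the
    # IPv4 address it carries.
    if addr.version == 6 and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not any(
        addr.version == net.version and addr in net for net in RULE_INTERNAL_NETS
    )


def http_method(raw):
    """Extract the method token from a raw HTTP request, or None if malformed."""
    request_line = raw.split(b"\r\n", 1)[0].decode("ascii", "replace")
    parts = request_line.split(" ")
    if len(parts) != 3 or not parts[2].startswith("HTTP/"):
        return None
    return parts[0]


def rule_matches(dst, raw):
    """Mirror the rule: 'subscribe' anywhere in the method (case-insensitive)
    and a destination outside the excluded networks."""
    method = http_method(raw)
    if method is None:
        return False
    # content + nocase is a substring test, so UNSUBSCRIBE satisfies it too.
    return "subscribe" in method.lower() and is_external(dst)


def _req(method, host):
    """Build a minimal raw request for the constructed samples below."""
    return f"{method} /event HTTP/1.1\r\nHost: {host}\r\n\r\n".encode("ascii")


# Constructed sample traffic: (destination address, raw request bytes).
SAMPLE_REQUESTS = [
    ("203.0.113.10", _req("SUBSCRIBE", "203.0.113.10")),     # public IPv4
    ("2001:db8::1", _req("subscribe", "[2001:db8::1]")),     # public IPv6, lower case
    ("192.168.1.1", _req("SUBSCRIBE", "192.168.1.1")),       # RFC1918
    ("fd12:3456::1", _req("SUBSCRIBE", "[fd12:3456::1]")),   # inside fd00::/8
    ("::ffff:10.0.0.5", _req("SUBSCRIBE", "10.0.0.5")),      # IPv4-mapped RFC1918
    ("172.32.0.1", _req("SUBSCRIBE", "172.32.0.1")),         # just past 172.16.0.0/12
    ("169.254.10.1", _req("SUBSCRIBE", "169.254.10.1")),     # link-local, not in the list
    ("203.0.113.10", _req("GET", "203.0.113.10")),           # other method
    ("203.0.113.10", _req("UNSUBSCRIBE", "203.0.113.10")),   # substring hit
    ("203.0.113.10", b"\x16\x03\x01 not-http"),              # malformed request line
]


def triage(records):
    """Return (destination, method) for every record the rule would alert on."""
    return [
        (dst, http_method(raw)) for dst, raw in records if rule_matches(dst, raw)
    ]


if __name__ == "__main__":
    for dst, method in triage(SAMPLE_REQUESTS):
        print(f"ALERT {method} -> {dst}")
```

Alerts on link-local destinations or on UNSUBSCRIBE are worth expecting as noise when tuning the signature for a given network.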

Acknowledgements

This vulnerability was reported by Yunus Çadirci from EY Turkey.

This document was written by Vijay Sarvepalli.

Vendor Information


Open Connectivity Foundation Affected

Updated: 2020-06-29 CVE-2020-12695 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

The Open Connectivity Foundation has updated its specification and published it in the bulletin; see references.

Synology Affected

Notified: 2020-06-17 Updated: 2020-06-29

Statement Date: June 22, 2020

CVE-2020-12695 Affected

Vendor Statement

Please refer to Synology-SA-20:13

References

Zyxel Affected

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Affected

Vendor Statement

Zyxel security team confirms that Zyxel’s VMG8324-B10A has the default firewall rule to block UPnP traffic from WAN since its first firmware V1.00(AAKL.0)C0 released in May 2013. However, if users intentionally disable the firewall feature, it could be vulnerable.

References

CERT Addendum

Users are urged not to disable the firewall, in order to reduce the impact of this vulnerability from the WAN interface. Check Zyxel advisories for regular updates.

hostapd Affected

Updated: 2020-06-29 CVE-2020-12695 Affected

Vendor Statement

We have not received a statement from the vendor.

References

CERT Addendum

HostAP has released a statement and patches, see the References section for details.

Commscope Not Affected

Updated: 2020-07-02 CVE-2020-12695 Not Affected

Vendor Statement

None of the Ruckus products are vulnerable to CVE-2020-12695

CERT Addendum

Commscope acquired Arris and Ruckus Wireless. Announcements may be duplicated in the brand-named vendor sections.

Cradlepoint Not Affected

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Not Affected

Vendor Statement

In NCOS, UPnP Gateway is disabled and the zone-based firewall is configured with an explicit deny for unsolicited inbound traffic by default

References

LANCOM Systems GmbH Not Affected

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Not Affected

Vendor Statement

LANCOM Systems products are not vulnerable to these vulnerabilities.

Peplink Not Affected

Notified: 2020-07-06 Updated: 2020-06-29

Statement Date: July 07, 2020

CVE-2020-12695 Not Affected

Vendor Statement

We have not received a statement from the vendor.

Ruckus Wireless Not Affected

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Not Affected

Vendor Statement

None of the Ruckus products are vulnerable to CVE-2020-12695

References

CERT Addendum

Please note that Commscope acquired Ruckus Wireless in 2019. You may see future advisories under Commscope.

Sierra Wireless Not Affected

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Not Affected

Vendor Statement

We have not received a statement from the vendor.

A10 Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

ACCESS Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

ADATA Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

ADTRAN Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

ANTlabs Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

ARRIS Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

ASUSTeK Computer Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

AT&T Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

AVM GmbH Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Actelis Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Actiontec Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aerohive Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

AhnLab Inc Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

AirWatch Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Akamai Technologies Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Alcatel-Lucent Enterprise Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Allied Telesis Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Amazon Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Android Open Source Project Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Apple Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Arista Networks Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aruba Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Aspera Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Barracuda Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belden Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Belkin Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlackBerry Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blue Coat Systems Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

BlueCat Networks Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Blunk Microsystems Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

BoringSSL Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Broadcom Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

CA Technologies Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

CMX Systems Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

CZ.NIC Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cambium Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ceragon Networks Inc Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Check Point Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cirpack Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cisco Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Contiki OS Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

CoreOS Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cricket Wireless Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Cypress Semiconductor Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

D-Link Systems Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Debian GNU/Linux Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell EMC Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Dell SecureWorks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

DesktopBSD Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Deutsche Telekom Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Devicescape Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Digi International Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

DragonFly BSD Project Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

ENEA Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

EfficientIP Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ericsson Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Espressif Systems Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

European Registry for Internet Domains Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Express Logic Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Extreme Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

F-Secure Corporation Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fastly Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fedora Project Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Force10 Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Fortinet Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Foundry Brocade Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

FreeBSD Project Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

GFI Software Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU adns Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

GNU glibc Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Geexbox Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Gentoo Linux Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Google Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Grandstream Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Green Hills Software Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

HCC Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

HP Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

HTC Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hewlett Packard Enterprise Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Hitachi Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Honeywell Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Huawei Technologies Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

IBM Corporation Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

INTEROP Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

IP Infusion Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Illumos Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

InfoExpress Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Infoblox Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Inmarsat Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Intel Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Internet Systems Consortium - DHCP Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

JH Software Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Joyent Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Juniper Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

LG Electronics Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

LITE-ON Technology Corporation Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lancope Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lantronix Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lenovo Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

LiteSpeed Technologies Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Lynx Software Technologies Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Marvell Semiconductor Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

McAfee Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

MediaTek Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Medtronic Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Men & Mice Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Micro Focus Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Microchip Technology Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Microsoft Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

MikroTik Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Miredo Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Mitel Networks Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Muonics Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

NEC Corporation Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

NETSCOUT Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

NIKSUN Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

NLnet Labs Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Netgear Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nokia Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Nominum Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

OleumTech Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenBSD Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenSSL Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

OpenWRT Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oracle Corporation Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Oryx Embedded Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

PHPIDS Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Paessler Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Palo Alto Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Philips Electronics Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Proxim Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Pulse Secure Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

QLogic Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

QNX Software Systems Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

QUALCOMM Incorporated Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quadros Systems Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Quagga Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Red Hat Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Riverbed Technologies Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Rocket RTOS (Inactive) Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Roku Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

SEIKO EPSON Corp. / Epson America Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

SMC Networks Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

SUSE Linux Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

SafeNet Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Samsung Mobile Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Secure64 Software Corporation Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Slackware Linux Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Snort Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

SonicWall Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sonos Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sony Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sophos Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Sourcefire Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Symantec Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

TDS Telecom Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

TP-LINK Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Technicolor Unknown

Notified: 2020-06-29 Updated: 2020-07-02 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Tenable Network Security Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

TippingPoint Technologies Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Treck Unknown

Notified: 2020-05-05 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Turbolinux Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubiquiti Networks Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Ubuntu Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Unisys Corporation Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Untangle Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

VMware Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Vertical Networks Inc. Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Wind River Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

WizNET Technology Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

XigmaNAS Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Xilinx Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zebra Technologies Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

Zephyr Project Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

dd-wrt Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

dnsmasq Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

eCosCentric Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

eero Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

lwIP Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

m0n0wall Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

netsnmp Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.

pfSense Unknown

Notified: 2020-04-16 Updated: 2020-06-29 CVE-2020-12695 Unknown

Vendor Statement

We have not received a statement from the vendor.


References

Other Information

CVE IDs: CVE-2020-12695
Date Public: 2020-06-08
Date First Published:
