Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations

🗓️ 08 Jun 2020 00:00:00Reported by CERTType

UPnP SUBSCRIBE abuse to send traffic to arbitrary destination

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 118
OSV	gupnp vulnerability	15 Sep 202011:22	–	osv
OSV	CVE-2020-12695	8 Jun 202017:15	–	osv
OSV	Moderate: gssdp and gupnp security update	18 May 202106:05	–	osv
OSV	Moderate: gssdp and gupnp security update	18 May 202106:05	–	osv
OSV	gupnp - security update	6 Aug 202000:00	–	osv
OSV	RHSA-2021:1789 Red Hat Security Advisory: gssdp and gupnp security update	16 Sep 202404:57	–	osv
OSV	minidlna vulnerabilities	4 Feb 202119:46	–	osv
OSV	CVE-2020-23622	15 Aug 202220:15	–	osv
OSV	minidlna - security update	7 Dec 202000:00	–	osv
OSV	OPENSUSE-SU-2024:11050-1 minidlna-1.3.0-2.7 on GA media	15 Jun 202400:00	–	osv

Source	Link
callstranger	www.callstranger.com/
openconnectivity	www.openconnectivity.org/developer/specifications/upnp-resources/upnp/
kb	www.kb.cert.org/vuls/search/
github	www.github.com/yunuscadirci/CallStranger
tenable	www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

08 Jun 2020 00:00Current

8.1High risk

Vulners AI Score8.1

CVSS27.8

CVSS37.5

EPSS0.03987