3 matches found
NAT Slipstreaming (CVE-2020-28041)
SonicWall Firewalls are not vulnerable to the NAT Slipstreaming attack.SonicWall Firewall does not open an alternative port set in the SIP packet header, results in an invalid connection, and packets are dropped. CVE: CVE-2020-28041 Last updated: Dec. 15, 2020, 9:41 p.m...
Check Point Response to CVE-2020-28041 - NAT Slipstreaming
Cause The attack involves several vectors - Local IP disclosure, max MTU UDP and TCP calculation and leveraging a SIP parser weakness in fragmented HTTP packets which enables to "Slipstream" a legitimate SIP connection in an HTTP POST request generated by the victim's browser. The full descriptio...
CVE-2020-28041
CVE-2020-28041 affects NETGEAR Nighthawk R7000 (firmware 1.0.9.64_10.2.64). The SIP ALG implementation can be misled by a TCP packet containing an initial REGISTER substring and a correct intranet IP in the Via header, compounded by fragmentation, allowing a remote attacker visiting an attacker-c...