CVE-2020-12695
CVE-2020-12695 (CallStranger) concerns UPnP SUBSCRIBE handling in the Open Connectivity Foundation specification prior to 2020-04-17. The root cause is a controllable Callback header that can trigger HTTP connections to arbitrary URLs, enabling SSRF-like behavior and potentially leading to amplif...