Exploit for #VU28948 Input validation error in Universal Plug and Play (UPnP)

Exploit for #VU28948 Input validation error in Universal Plug and Play (UPnP)

Published: 2020-06-16 | Updated: 2022-08-07

Vulnerability identifier: #VU28948

Vulnerability risk: Medium

CVSSv3.1: 7.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-12695

CWE-ID: CWE-20

Exploitation vector: Network

Exploits in database: 3

August 7, 2022
- CallStranger (CallStranger (CVE-2020-12695) vulnerability.) [Github]
June 19, 2020
- callstranger-detector (Zeek Plugin that detects CallStranger (CVE-2020-12695) attempts (http://callstranger.com/)) [Github]
June 16, 2020
- CallStranger (Vulnerability checker for Callstranger (CVE-2020-12695)) [Github]

Vulnerable software:
Universal Plug and Play (UPnP)
Other software / Other software solutions

Vendor: Open Connectivity Foundation