CVE-2020-12695

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

CVSS v3 7.5 HIGH
CVSS v2.0 7.8 HIGH

7.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.2 / Impact : 4.7

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:C

Exploitability : 8.6 / Impact : 7.8

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact COMPLETE

References

Link	Resource
http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html	Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2020/06/08/2	Mailing List Third Party Advisory
https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/	Third Party Advisory
https://github.com/corelight/callstranger-detector	Third Party Advisory
https://github.com/yunuscadirci/CallStranger	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html	Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/	Mailing List Third Party Advisory
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/	Mailing List Third Party Advisory
https://usn.ubuntu.com/4494-1/	Third Party Advisory
https://www.callstranger.com	Broken Link
https://www.debian.org/security/2020/dsa-4806	Third Party Advisory
https://www.debian.org/security/2021/dsa-4898	Third Party Advisory
https://www.kb.cert.org/vuls/id/339275	Third Party Advisory US Government Resource
https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:ui:unifi_controller:-:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:w1.fi:hostapd:*:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:h:asus:rt-n11:-:*:*:*:*:*:*:*

Configuration 4 (hide)

cpe:2.3:h:broadcom:adsl:-:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:h:canon:selphy_cp1200:-:*:*:*:*:*:*:*

Configuration 6 (hide)

OR	cpe:2.3:h:cisco:wap131:-:::::::*
	cpe:2.3:h:cisco:wap150:-:::::::*
	cpe:2.3:h:cisco:wap351:-:::::::*

Configuration 7 (hide)

cpe:2.3:h:dlink:dvg-n5412sp:-:*:*:*:*:*:*:*

Configuration 8 (hide)

cpe:2.3:h:dell:b1165nfw:-:*:*:*:*:*:*:*

Configuration 9 (hide)

OR	cpe:2.3:h:epson:ep-101:-:::::::*
	cpe:2.3:h:epson:ew-m970a3t:-:::::::*
	cpe:2.3:h:epson:m571t:-:::::::*
	cpe:2.3:h:epson:xp-100:-:::::::*
	cpe:2.3:h:epson:xp-2101:-:::::::*
	cpe:2.3:h:epson:xp-2105:-:::::::*
	cpe:2.3:h:epson:xp-241:-:::::::*
	cpe:2.3:h:epson:xp-320:-:::::::*
	cpe:2.3:h:epson:xp-330:-:::::::*
	cpe:2.3:h:epson:xp-340:-:::::::*
	cpe:2.3:h:epson:xp-4100:-:::::::*
	cpe:2.3:h:epson:xp-4105:-:::::::*
	cpe:2.3:h:epson:xp-440:-:::::::*
	cpe:2.3:h:epson:xp-620:-:::::::*
	cpe:2.3:h:epson:xp-630:-:::::::*
	cpe:2.3:h:epson:xp-702:-:::::::*
	cpe:2.3:h:epson:xp-8500:-:::::::*
	cpe:2.3:h:epson:xp-8600:-:::::::*
	cpe:2.3:h:epson:xp-960:-:::::::*
	cpe:2.3:h:epson:xp-970:-:::::::*

Configuration 10 (hide)

OR	cpe:2.3:h:hp:5020_z4a69a:-:::::::*
	cpe:2.3:h:hp:5030_m2u92b:-:::::::*
	cpe:2.3:h:hp:5030_z4a70a:-:::::::*
	cpe:2.3:h:hp:5034_z4a74a:-:::::::*
	cpe:2.3:h:hp:5660_f8b04a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3456_a9t84c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t81c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3545_a9t83b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3546_a9t82a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_3548_a9t81b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4515:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4518:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4535_f0v64c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4536_f0v65a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4538_f0v66b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4675_f1h97c:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4676_f1h98a:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_4678_f1h99b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48b:-:::::::*
	cpe:2.3:h:hp:deskjet_ink_advantage_5575_g0v48c:-:::::::*
	cpe:2.3:h:hp:envy_100_cn517a:-:::::::*
	cpe:2.3:h:hp:envy_100_cn517b:-:::::::*
	cpe:2.3:h:hp:envy_100_cn517c:-:::::::*
	cpe:2.3:h:hp:envy_100_cn518a:-:::::::*
	cpe:2.3:h:hp:envy_100_cn519a:-:::::::*
	cpe:2.3:h:hp:envy_100_cn519b:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809a:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809b:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809c:-:::::::*
	cpe:2.3:h:hp:envy_110_cq809d:-:::::::*
	cpe:2.3:h:hp:envy_110_cq812c:-:::::::*
	cpe:2.3:h:hp:envy_111_cq810a:-:::::::*
	cpe:2.3:h:hp:envy_114_cq811a:-:::::::*
	cpe:2.3:h:hp:envy_114_cq811b:-:::::::*
	cpe:2.3:h:hp:envy_114_cq812a:-:::::::*
	cpe:2.3:h:hp:envy_120_cz022a:-:::::::*
	cpe:2.3:h:hp:envy_120_cz022b:-:::::::*
	cpe:2.3:h:hp:envy_120_cz022c:-:::::::*
	cpe:2.3:h:hp:envy_4500_a9t80a:-:::::::*
	cpe:2.3:h:hp:envy_4500_a9t80b:-:::::::*
	cpe:2.3:h:hp:envy_4500_a9t89a:-:::::::*
	cpe:2.3:h:hp:envy_4500_d3p93a:-:::::::*
	cpe:2.3:h:hp:envy_4501_c8d05a:-:::::::*
	cpe:2.3:h:hp:envy_4502_a9t85a:-:::::::*
	cpe:2.3:h:hp:envy_4502_a9t87b:-:::::::*
	cpe:2.3:h:hp:envy_4503_e6g71b:-:::::::*
	cpe:2.3:h:hp:envy_4504_a9t88b:-:::::::*
	cpe:2.3:h:hp:envy_4504_c8d04a:-:::::::*
	cpe:2.3:h:hp:envy_4505_a9t86a:-:::::::*
	cpe:2.3:h:hp:envy_4507_e6g70b:-:::::::*
	cpe:2.3:h:hp:envy_4508_e6g72b:-:::::::*
	cpe:2.3:h:hp:envy_4509_d3p94a:-:::::::*
	cpe:2.3:h:hp:envy_4509_d3p94b:-:::::::*
	cpe:2.3:h:hp:envy_4511_k9h50a:-:::::::*
	cpe:2.3:h:hp:envy_4512_k9h49a:-:::::::*
	cpe:2.3:h:hp:envy_4513_k9h51a:-:::::::*
	cpe:2.3:h:hp:envy_4516_k9h52a:-:::::::*
	cpe:2.3:h:hp:envy_4520_e6g67a:-:::::::*
	cpe:2.3:h:hp:envy_4520_e6g67b:-:::::::*
cpe:2.3:h:hp:envy_4520_f0v63a:-:::::::*
cpe:2.3:h:hp:envy_4520_f0v63b:-:::::::*
cpe:2.3:h:hp:envy_4520_f0v69a:-:::::::*
cpe:2.3:h:hp:envy_4521_k9t10b:-:::::::*
cpe:2.3:h:hp:envy_4522_f0v67a:-:::::::*
cpe:2.3:h:hp:envy_4523_j6u60b:-:::::::*
cpe:2.3:h:hp:envy_4524_f0v71b:-:::::::*
cpe:2.3:h:hp:envy_4524_f0v72b:-:::::::*
cpe:2.3:h:hp:envy_4524_k9t01a:-:::::::*
cpe:2.3:h:hp:envy_4525_k9t09b:-:::::::*
cpe:2.3:h:hp:envy_4526_k9t05b:-:::::::*
cpe:2.3:h:hp:envy_4527_j6u61b:-:::::::*
cpe:2.3:h:hp:envy_4528_k9t08b:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u85a:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u85b:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u91a::::::::
cpe:2.3:h:hp:envy_5000_m2u91a:-:::::::*
cpe:2.3:h:hp:envy_5000_m2u94b:-:::::::*
cpe:2.3:h:hp:envy_5000_z4a54a:-:::::::*
cpe:2.3:h:hp:envy_5000_z4a74a:-:::::::*
cpe:2.3:h:hp:envy_5020_m2u91b:-:::::::*
cpe:2.3:h:hp:envy_5530:-:::::::*
cpe:2.3:h:hp:envy_5531:-:::::::*
cpe:2.3:h:hp:envy_5532:-:::::::*
cpe:2.3:h:hp:envy_5534:-:::::::*
cpe:2.3:h:hp:envy_5535:-:::::::*
cpe:2.3:h:hp:envy_5536:-:::::::*
cpe:2.3:h:hp:envy_5539:-:::::::*
cpe:2.3:h:hp:envy_5540_f2e72a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v47a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v51a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v52a:-:::::::*
cpe:2.3:h:hp:envy_5540_g0v53a:-:::::::*
cpe:2.3:h:hp:envy_5540_k7c85a:-:::::::*
cpe:2.3:h:hp:envy_5541_k7g89a:-:::::::*
cpe:2.3:h:hp:envy_5542_k7c88a:-:::::::*
cpe:2.3:h:hp:envy_5543_n9u88a:-:::::::*
cpe:2.3:h:hp:envy_5544_k7c89a:-:::::::*
cpe:2.3:h:hp:envy_5544_k7c93a:-:::::::*
cpe:2.3:h:hp:envy_5545_g0v50a:-:::::::*
cpe:2.3:h:hp:envy_5546_k7c90a:-:::::::*
cpe:2.3:h:hp:envy_5547_j6u64a:-:::::::*
cpe:2.3:h:hp:envy_5548_k7g87a:-:::::::*
cpe:2.3:h:hp:envy_5640_b9s56a:-:::::::*
cpe:2.3:h:hp:envy_5640_b9s58a:-:::::::*
cpe:2.3:h:hp:envy_5642_b9s64a:-:::::::*
cpe:2.3:h:hp:envy_5643_b9s63a:-:::::::*
cpe:2.3:h:hp:envy_5644_b9s65a:-:::::::*
cpe:2.3:h:hp:envy_5646_f8b05a:-:::::::*
cpe:2.3:h:hp:envy_5664_f8b08a:-:::::::*
cpe:2.3:h:hp:envy_5665_f8b06a:-:::::::*
cpe:2.3:h:hp:envy_6020_5se16b:-:::::::*
cpe:2.3:h:hp:envy_6020_5se17a:-:::::::*
cpe:2.3:h:hp:envy_6020_6wd35a:-:::::::*
cpe:2.3:h:hp:envy_6020_7cz37a:-:::::::*
cpe:2.3:h:hp:envy_6052_5se18a:-:::::::*
cpe:2.3:h:hp:envy_6055_5se16a:-:::::::*
cpe:2.3:h:hp:envy_6540_b9s59a:-:::::::*
cpe:2.3:h:hp:envy_7640:-:::::::*
cpe:2.3:h:hp:envy_7644_e4w46a:-:::::::*
cpe:2.3:h:hp:envy_7645_e4w44a:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_k7g18a:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_k7g26b:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_k7s21b:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_y0k13d_:-:::::::*
cpe:2.3:h:hp:envy_photo_6200_y0k15a:-:::::::*
cpe:2.3:h:hp:envy_photo_6220_k7g20d:-:::::::*
cpe:2.3:h:hp:envy_photo_6220_k7g21b:-:::::::*
cpe:2.3:h:hp:envy_photo_6222_y0k13d:-:::::::*
cpe:2.3:h:hp:envy_photo_6222_y0k14d:-:::::::*
cpe:2.3:h:hp:envy_photo_6230_k7g25b:-:::::::*
cpe:2.3:h:hp:envy_photo_6232_k7g26b:-:::::::*
cpe:2.3:h:hp:envy_photo_6234_k7s21b:-:::::::*
cpe:2.3:h:hp:envy_photo_6252_k7g22a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_3xd89a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_k7g93a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_k7g99a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_z3m37a:-:::::::*
cpe:2.3:h:hp:envy_photo_7100_z3m52a:-:::::::*
cpe:2.3:h:hp:envy_photo_7120_z3m41d:-:::::::*
cpe:2.3:h:hp:envy_photo_7155_z3m52a:-:::::::*
cpe:2.3:h:hp:envy_photo_7164_k7g99a:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_k7r96a:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_k7s00a:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_k7s10d:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_y0g42d:-:::::::*
cpe:2.3:h:hp:envy_photo_7800_y0g52b:-:::::::*
cpe:2.3:h:hp:envy_photo_7822_y0g42d:-:::::::*
cpe:2.3:h:hp:envy_photo_7822_y0g43d:-:::::::*
cpe:2.3:h:hp:envy_photo_7830_y0g50b:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_5se45b:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_5se46a:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_6wd14a:-:::::::*
cpe:2.3:h:hp:envy_pro_6420_6wd16a:-:::::::*
cpe:2.3:h:hp:envy_pro_6452_5se47a:-:::::::*
cpe:2.3:h:hp:envy_pro_6455_5se45a:-:::::::*
cpe:2.3:h:hp:officejet_4650_e6g87a:-:::::::*
cpe:2.3:h:hp:officejet_4650_f1h96a:-:::::::*
cpe:2.3:h:hp:officejet_4650_f1h96b:-:::::::*
cpe:2.3:h:hp:officejet_4652_f1j02a:-:::::::*
cpe:2.3:h:hp:officejet_4652_f1j05b:-:::::::*
cpe:2.3:h:hp:officejet_4652_k9v84b:-:::::::*
cpe:2.3:h:hp:officejet_4654_f1j06b:-:::::::*
cpe:2.3:h:hp:officejet_4654_f1j07b:-:::::::*
cpe:2.3:h:hp:officejet_4655_f1j00a:-:::::::*
cpe:2.3:h:hp:officejet_4655_k9v79a:-:::::::*
cpe:2.3:h:hp:officejet_4655_k9v82b:-:::::::*
cpe:2.3:h:hp:officejet_4656_k9v81b:-:::::::*
cpe:2.3:h:hp:officejet_4657_v6d29b:-:::::::*
cpe:2.3:h:hp:officejet_4658_v6d30b:-:::::::*

Configuration 11 (hide)

OR	cpe:2.3:h:huawei:hg255s:-:::::::*
	cpe:2.3:h:huawei:hg532e:-:::::::*

Configuration 12 (hide)

cpe:2.3:h:nec:wr8165n:-:*:*:*:*:*:*:*

Configuration 13 (hide)

cpe:2.3:h:netgear:wnhde111:-:*:*:*:*:*:*:*

Configuration 14 (hide)

cpe:2.3:h:ruckussecurity:zonedirector_1200:-:*:*:*:*:*:*:*

Configuration 15 (hide)

cpe:2.3:h:tp-link:archer_c50:-:*:*:*:*:*:*:*

Configuration 16 (hide)

cpe:2.3:h:zte:zxv10_w300:-:*:*:*:*:*:*:*

Configuration 17 (hide)

OR	cpe:2.3:h:zyxel:amg1202-t10b:-:::::::*
	cpe:2.3:h:zyxel:vmg8324-b10a:-:::::::*

Configuration 18 (hide)

OR	cpe:2.3:o:microsoft:windows_10:-:::::::*
	cpe:2.3:o:microsoft:xbox_one:10.0.19041.2494:::::::*

Configuration 19 (hide)

OR	cpe:2.3:o:fedoraproject:fedora:31:::::::*
	cpe:2.3:o:fedoraproject:fedora:32:::::::*

Configuration 20 (hide)

OR	cpe:2.3:o:debian:debian_linux:9.0:::::::*
	cpe:2.3:o:debian:debian_linux:10.0:::::::*

Configuration 21 (hide)

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

History

08 Apr 2024, 22:50

Type	Values Removed	Values Added
CPE	cpe:2.3:h:hp:hp_deskjet_ink_advantage_4678_f1h99b:-:::::::* cpe:2.3:h:hp:hp_envy_4521_k9t10b:-:::::::* cpe:2.3:h:hp:hp_officejet_4650_e6g87a:-:::::::* cpe:2.3:h:hp:hp_officejet_4652_f1j05b:-:::::::* cpe:2.3:h:hp:hp_envy_4524_f0v71b:-:::::::* cpe:2.3:h:hp:hp_envy_4522_f0v67a:-:::::::* cpe:2.3:h:hp:hp_envy_4516_k9h52a:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4675_f1h97a:-:::::::* cpe:2.3:h:hp:hp_envy_4511_k9h50a:-:::::::* cpe:2.3:h:hp:hp_envy_4523_j6u60b:-:::::::* cpe:2.3:h:hp:hp_envy_4520_e6g67a:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4675_f1h97c:-:::::::* cpe:2.3:h:hp:hp_officejet_4657_v6d29b:-:::::::* cpe:2.3:h:hp:hp_envy_4520_e6g67b:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4538_f0v66b:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4535_f0v64a:-:::::::* cpe:2.3:h:hp:hp_officejet_4650_f1h96b:-:::::::* cpe:2.3:h:hp:hp_officejet_4655_k9v82b:-:::::::* cpe:2.3:h:hp:hp_officejet_4658_v6d30b:-:::::::* cpe:2.3:h:hp:hp_officejet_4652_k9v84b:-:::::::* cpe:2.3:h:hp:hp_officejet_4656_k9v81b:-:::::::* cpe:2.3:h:hp:hp_envy_4525_k9t09b:-:::::::* cpe:2.3:h:hp:hp_officejet_4652_f1j02a:-:::::::* cpe:2.3:h:hp:hp_officejet_4654_f1j06b:-:::::::* cpe:2.3:h:hp:hp_envy_4526_k9t05b:-:::::::* cpe:2.3:h:hp:hp_envy_4528_k9t08b:-:::::::* cpe:2.3:h:hp:hp_envy_4512_k9h49a:-:::::::* cpe:2.3:h:hp:hp_envy_4520_f0v63a:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4675_f1h97b:-:::::::* cpe:2.3:h:hp:hp_envy_4513_k9h51a:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4535_f0v64c:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4535_f0v64b:-:::::::* cpe:2.3:h:hp:hp_officejet_4650_f1h96a:-:::::::* cpe:2.3:h:hp:hp_envy_4527_j6u61b:-:::::::* cpe:2.3:h:hp:hp_envy_4520_f0v69a:-:::::::* cpe:2.3:h:hp:hp_officejet_4655_k9v79a:-:::::::* cpe:2.3:h:hp:hp_officejet_4655_f1j00a:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4676_f1h98a:-:::::::* cpe:2.3:h:hp:hp_envy_4524_k9t01a:-:::::::* cpe:2.3:h:hp:hp_envy_4520_f0v63b:-:::::::* cpe:2.3:h:hp:hp_deskjet_ink_advantage_4536_f0v65a:-:::::::* cpe:2.3:h:hp:hp_officejet_4654_f1j07b:-:::::::* cpe:2.3:h:hp:hp_envy_4524_f0v72b:-:::::::*	cpe:2.3:o:fedoraproject:fedora:32:::::::* cpe:2.3:o:fedoraproject:fedora:31:::::::* cpe:2.3:o:canonical:ubuntu_linux:20.04::::lts::: cpe:2.3:o:debian:debian_linux:10.0:::::::* cpe:2.3:o:debian:debian_linux:9.0:::::::*
References	~~() https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ -~~	() https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/ - Third Party Advisory
References	~~() https://github.com/corelight/callstranger-detector -~~	() https://github.com/corelight/callstranger-detector - Third Party Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html -~~	() https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html - Third Party Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html -~~	() https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html - Third Party Advisory
References	~~() https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html -~~	() https://lists.debian.org/debian-lts-announce/2020/12/msg00017.html - Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/L3SHL4LOFGHJ3DIXSUIQELGVBDJ7V7LB/ - Mailing List, Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZDWHKGN3LMGSUEOAAVAMOD3IUIPJVOJ/ - Mailing List, Third Party Advisory
References	~~() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ -~~	() https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RQEYVY4D7LASH6AI4WK3IK2QBFHHF3Q2/ - Mailing List, Third Party Advisory
References	~~() https://usn.ubuntu.com/4494-1/ -~~	() https://usn.ubuntu.com/4494-1/ - Third Party Advisory
References	~~() https://www.callstranger.com - Third Party Advisory~~	() https://www.callstranger.com - Broken Link
References	~~() https://www.debian.org/security/2020/dsa-4806 -~~	() https://www.debian.org/security/2020/dsa-4806 - Third Party Advisory
References	~~() https://www.debian.org/security/2021/dsa-4898 -~~	() https://www.debian.org/security/2021/dsa-4898 - Third Party Advisory
First Time		Debian debian Linux Fedoraproject fedora Canonical Fedoraproject Canonical ubuntu Linux Debian

26 Apr 2023, 18:55

Type	Values Removed	Values Added
CPE	cpe:2.3:h:d-link:dvg-n5412sp:-:::::::*	cpe:2.3:h:dlink:dvg-n5412sp:-:::::::*

Information

Published : 2020-06-08 17:15

Updated : 2024-04-08 22:50

NVD link : CVE-2020-12695

Mitre link : CVE-2020-12695

CVE.ORG link : CVE-2020-12695

JSON object : View

Products Affected

envy_pro_6420_6wd16a
officejet_4652_f1j05b
envy_photo_6252_k7g22a
envy_4507_e6g70b
envy_photo_6222_y0k14d
envy_photo_7800_y0g42d
envy_4500_a9t89a
officejet_4654_f1j06b
envy_photo_6200_k7s21b
envy_5646_f8b05a
envy_4520_e6g67b
envy_5548_k7g87a
envy_5547_j6u64a
envy_6020_6wd35a
envy_photo_6222_y0k13d
envy_5543_n9u88a
envy_5644_b9s65a
5030_z4a70a
envy_4511_k9h50a
envy_pro_6420_5se45b
officejet_4656_k9v81b
envy_4520_e6g67a
envy_7640
envy_5544_k7c89a
envy_5536
officejet_4650_f1h96a
envy_4508_e6g72b
envy_6540_b9s59a
envy_4525_k9t09b
envy_114_cq811b
envy_photo_6200_y0k13d_
envy_100_cn519a
envy_5664_f8b08a
deskjet_ink_advantage_3456_a9t84c
envy_7645_e4w44a
envy_5540_k7c85a
envy_photo_6200_y0k15a
envy_4527_j6u61b
envy_6052_5se18a
envy_110_cq809c
5020_z4a69a
deskjet_ink_advantage_3546_a9t82a
deskjet_ink_advantage_4675_f1h97c
envy_4513_k9h51a
envy_4526_k9t05b
envy_4528_k9t08b
envy_photo_7100_k7g99a
officejet_4655_k9v82b
officejet_4657_v6d29b
envy_7644_e4w46a
envy_4509_d3p94a
envy_111_cq810a
envy_4524_f0v72b
envy_photo_6230_k7g25b
deskjet_ink_advantage_5575_g0v48c
envy_4520_f0v63a
envy_5544_k7c93a
envy_5540_f2e72a
envy_4504_c8d04a
envy_4516_k9h52a
envy_4524_f0v71b
envy_photo_7800_k7s10d
deskjet_ink_advantage_4515
envy_120_cz022a
envy_5539
envy_5541_k7g89a
deskjet_ink_advantage_4518
deskjet_ink_advantage_3545_a9t83b
deskjet_ink_advantage_4675_f1h97a
envy_5000_m2u94b
envy_4524_k9t01a
envy_114_cq811a
envy_110_cq809a
5030_m2u92b
envy_photo_7800_y0g52b
envy_5540_g0v52a
envy_photo_7100_3xd89a
envy_4502_a9t85a
envy_5000_z4a54a
envy_photo_7800_k7s00a
envy_5532
envy_4500_d3p93a
envy_6020_5se17a
envy_4509_d3p94b
envy_5530
envy_5642_b9s64a
envy_photo_7800_k7r96a
envy_100_cn517b
5660_f8b04a
envy_pro_6455_5se45a
envy_110_cq812c
envy_120_cz022c
envy_4523_j6u60b
envy_5000_m2u91a
envy_5534
envy_photo_7100_z3m52a
envy_photo_7120_z3m41d
envy_pro_6452_5se47a
envy_4502_a9t87b
envy_5545_g0v50a
officejet_4658_v6d30b
deskjet_ink_advantage_4536_f0v65a
officejet_4655_f1j00a
envy_5540_g0v51a
envy_5531
envy_4521_k9t10b
envy_100_cn519b
deskjet_ink_advantage_3545_a9t81c
envy_114_cq812a
envy_photo_6232_k7g26b
envy_photo_7822_y0g43d
envy_5000_m2u85b
envy_4522_f0v67a
envy_5542_k7c88a
envy_5020_m2u91b
envy_4520_f0v69a
deskjet_ink_advantage_4535_f0v64b
envy_photo_7155_z3m52a
envy_pro_6420_6wd14a
envy_photo_7164_k7g99a
envy_4500_a9t80a
5034_z4a74a
envy_4500_a9t80b
envy_5535
envy_110_cq809b
envy_120_cz022b
deskjet_ink_advantage_3545_a9t81a
envy_5640_b9s58a
envy_5643_b9s63a
envy_100_cn517a
envy_5000_z4a74a
envy_photo_7100_k7g93a
envy_photo_6220_k7g21b
deskjet_ink_advantage_4676_f1h98a
envy_4501_c8d05a
officejet_4650_e6g87a
officejet_4655_k9v79a
envy_6020_7cz37a
envy_5665_f8b06a
envy_photo_7100_z3m37a
envy_4520_f0v63b
envy_110_cq809d
envy_5540_g0v53a
envy_6055_5se16a
deskjet_ink_advantage_4675_f1h97b
deskjet_ink_advantage_4538_f0v66b
envy_5540_g0v47a
envy_100_cn517c
envy_photo_6234_k7s21b
deskjet_ink_advantage_5575_g0v48b
deskjet_ink_advantage_4535_f0v64a
envy_photo_6200_k7g26b
envy_photo_6200_k7g18a
envy_4504_a9t88b
officejet_4654_f1j07b
envy_4512_k9h49a
envy_photo_7830_y0g50b
envy_4503_e6g71b
envy_5640_b9s56a
envy_pro_6420_5se46a
envy_photo_6220_k7g20d
envy_photo_7822_y0g42d
officejet_4650_f1h96b
envy_6020_5se16b
deskjet_ink_advantage_4535_f0v64c
deskjet_ink_advantage_3548_a9t81b
officejet_4652_k9v84b
officejet_4652_f1j02a
envy_5000_m2u85a
envy_5546_k7c90a
envy_4505_a9t86a
envy_100_cn518a
deskjet_ink_advantage_4678_f1h99b

epson

xp-4100
xp-8600
xp-4105
xp-630
xp-330
xp-970
xp-620
xp-702
xp-440
xp-2105
ep-101
xp-320
xp-8500
xp-100
xp-2101
m571t
xp-340
xp-960
ew-m970a3t
xp-241

zyxel

amg1202-t10b
vmg8324-b10a

broadcom

adsl

huawei

hg255s
hg532e

netgear

wnhde111

unifi_controller

tp-link

archer_c50

dlink

dvg-n5412sp

canon

selphy_cp1200

cisco

wap150
wap131
wap351

ruckussecurity

zonedirector_1200

zte

zxv10_w300

asus

rt-n11

microsoft

xbox_one
windows_10

nec

wr8165n

dell

b1165nfw

debian

debian_linux

canonical

ubuntu_linux

fedoraproject

fedora

w1.fi

hostapd

CWE

CWE-276

Incorrect Default Permissions

7.5 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

7.8 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact COMPLETE

JSON object

Attach tags to CVE-2020-12695

7.5^/10

7.8^/10

Attach tags to `CVE-2020-12695`