The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
oryginał ENCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:HAsus Rt N11
HWAsuswszystkie wersjeBroadcom Adsl
HWBroadcomwszystkie wersjeCanon Selphy Cp1200
HWCanonwszystkie wersjeCisco Wap131
HWCiscowszystkie wersjeCisco Wap150
HWCiscowszystkie wersjeCisco Wap351
HWCiscowszystkie wersjeDell B1165nfw
HWDellwszystkie wersjeDlink Dvg N5412sp
HWDlinkwszystkie wersjeEpson Ep 101
HWEpsonwszystkie wersjeEpson Ew M970a3t
HWEpsonwszystkie wersjeEpson M571t
HWEpsonwszystkie wersjeEpson Xp 100
HWEpsonwszystkie wersjeEpson Xp 2101
HWEpsonwszystkie wersjeEpson Xp 2105
HWEpsonwszystkie wersjeEpson Xp 241
HWEpsonwszystkie wersjeEpson Xp 320
HWEpsonwszystkie wersjeEpson Xp 330
HWEpsonwszystkie wersjeEpson Xp 340
HWEpsonwszystkie wersjeEpson Xp 4100
HWEpsonwszystkie wersjeEpson Xp 4105
HWEpsonwszystkie wersjeEpson Xp 440
HWEpsonwszystkie wersjeEpson Xp 620
HWEpsonwszystkie wersjeEpson Xp 630
HWEpsonwszystkie wersjeEpson Xp 702
HWEpsonwszystkie wersjeEpson Xp 8500
HWEpsonwszystkie wersjeEpson Xp 8600
HWEpsonwszystkie wersjeEpson Xp 960
HWEpsonwszystkie wersjeEpson Xp 970
HWEpsonwszystkie wersjeHP 5020 Z4a69a
HWHpwszystkie wersjeHP 5030 M2u92b
HWHpwszystkie wersje
Powiązane podatności
The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-ch...
The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channe...
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 5...
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business 100, 300, and 5...
An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0....