mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-19 17:30:12 +00:00
2.6 KiB
2.6 KiB
CVE-2020-12695
Description
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
POC
Reference
- http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html
- https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek/
- https://github.com/corelight/callstranger-detector
- https://www.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of
Github
- https://github.com/0xT11/CVE-POC
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CnHack3r/Penetration_PoC
- https://github.com/EchoGin404/-
- https://github.com/EchoGin404/gongkaishouji
- https://github.com/Mr-xn/Penetration_Testing_POC
- https://github.com/Tyro-Shan/gongkaishouji
- https://github.com/WinMin/Protocol-Vul
- https://github.com/YIXINSHUWU/Penetration_Testing_POC
- https://github.com/ZTK-009/Penetration_PoC
- https://github.com/alphaSeclab/sec-daily-2020
- https://github.com/aoeII/asuswrt-for-Tenda-AC9-Router
- https://github.com/corelight/callstranger-detector
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/gaahrdner/starred
- https://github.com/hasee2018/Penetration_Testing_POC
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/hktalent/TOP
- https://github.com/hktalent/bug-bounty
- https://github.com/huike007/penetration_poc
- https://github.com/huike007/poc
- https://github.com/krzemienski/awesome-from-stars
- https://github.com/lions2012/Penetration_Testing_POC
- https://github.com/mvlnetdev/zeek_detection_script_collection
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/password520/Penetration_PoC
- https://github.com/pentration/gongkaishouji
- https://github.com/soosmile/POC
- https://github.com/winterwolf32/CVE-S---Penetration_Testing_POC-
- https://github.com/xuetusummer/Penetration_Testing_POC
- https://github.com/yedada-wei/-
- https://github.com/yedada-wei/gongkaishouji
- https://github.com/yunuscadirci/CallStranger
- https://github.com/yunuscadirci/DIALStranger