CVSS: 7.8EPSS: 0%CPEs: 220EXPL: 1CVE-2020-12695 – hostapd: UPnP SUBSCRIBE misbehavior in WPS AP
https://notcve.org/view.php?id=CVE-2020-12695
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. La especificación UPnP de Open Connectivity Foundation antes del 17-04-2020 no prohíbe la aceptación de una petición de suscripción con una URL de entrega en un segmento de red diferente a la URL de suscripción de evento totalmente calificada, también se conoce como el problema de CallStranger • https://github.com/yunuscadirci/CallStranger http://packetstormsecurity.com/files/158051/CallStranger-UPnP-Vulnerability-Checker.html http://www.openwall.com/lists/oss-security/2020/06/08/2 https://corelight.blog/2020/06/10/detecting-the-new-callstranger-upnp-vulnerability-with-zeek https://github.com/corelight/callstranger-detector https://lists.debian.org/debian-lts-announce/2020/08/msg00011.html https://lists.debian.org/debian-lts-announce/2020/08/msg00013.html https://lists.debian.org/debian-l • CWE-276: Incorrect Default Permissions CWE-918: Server-Side Request Forgery (SSRF) •
CVSS: 5.9EPSS: 0%CPEs: 50EXPL: 0CVE-2015-7256
https://notcve.org/view.php?id=CVE-2015-7256
ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, and NWA1123-NI access points; P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, and VSG1435-B101 DSL CPEs; PMG5318-B20A GPONs; SBG3300-N000, SBG3300-NB00, and SBG3500-N000 small business gateways; GS1900-8 and GS1900-24 switches; and C1000Z, Q1000, FR1000Z, and P8702N project models use non-unique X.509 certificates and SSH host keys. Los puntos de acceso ZyXEL NWA1100-N, NWA1100-NH, NWA1121-NI, NWA1123-AC, NWA1123-NI; los CPE DSL P-660HN-51, P-663HN-51, VMG1312-B10A, VMG1312-B30A, VMG1312-B30B, VMG4380-B10A, VMG8324-B10A, VMG8924-B10A, VMG8924-B30A, VSG1435-B101; las puertas de enlace para pequeñas empresas PMG5318-B20A GPON, SBG3300-N000, SBG3300-NB00, SBG3500-N000; los switches GS1900-8 y GS1900-24 y los modelos de módem C1000Z, Q1000, FR1000Z, P8702N emplean certificados X.509 y claves host de SSH que no son únicos. • http://www.kb.cert.org/vuls/id/566724 http://www.zyxel.com/support/announcement_SSH_private_key_and_certificate_vulnerability.shtml • CWE-310: Cryptographic Issues •