HOMEVULNERABILITIESCVE-2020-12695
HIGH

CVE-2020-12695

CWE-276Published: June 8, 2020· Updated: Jun 17, 2026

7.5
CVSS v3.1

Official Description

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.

NVD Source

Technical Analysis

CVE-2020-12695 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.

The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.

A successful exploit results in availability disruption (denial of service), with a CVSS base score of 7.5.

The vulnerability has a "Changed" scope, meaning successful exploitation can impact components beyond the vulnerable component itself — such as the host operating system or adjacent services.

CVSS v3.1 Vector Breakdown

Exploitability
Attack VectorNetwork
Attack ComplexityHigh
Privileges Req.None
User InteractionNone
ScopeChanged
Impact
ConfidentialityLow
IntegrityNone
AvailabilityHigh
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H

Affected Vendors & Products

asus1 product(s)
rt-n11
broadcom1 product(s)
adsl
canon1 product(s)
selphy cp1200
Canonical1 product(s)
ubuntu linux
Cisco3 product(s)
wap131wap150wap351
Debian1 product(s)
debian linux
Dell1 product(s)
b1165nfw
dlink1 product(s)
dvg-n5412sp
epson20 product(s)
ep-101ew-m970a3tm571txp-100xp-2101xp-2105xp-241xp-320xp-330xp-340xp-4100xp-4105+8
Fedora1 product(s)
fedora
HP173 product(s)
5020 z4a69a5030 m2u92b5030 z4a70a5034 z4a74a5660 f8b04adeskjet ink advantage 3456 a9t84cdeskjet ink advantage 3545 a9t81adeskjet ink advantage 3545 a9t81cdeskjet ink advantage 3545 a9t83bdeskjet ink advantage 3546 a9t82adeskjet ink advantage 3548 a9t81bdeskjet ink advantage 4515+161
Huawei2 product(s)
hg255shg532e
Microsoft2 product(s)
windows 10xbox one
nec1 product(s)
wr8165n
netgear1 product(s)
wnhde111
ruckussecurity1 product(s)
zonedirector 1200
tp-link1 product(s)
archer c50
ui1 product(s)
unifi controller
w1.fi1 product(s)
hostapd
zte1 product(s)
zxv10 w300
Source: NVD CPE · 220 total CPE entries

Exploit & PoC Resources

NO KNOWN EXPLOITNo public exploit confirmed at this time
External links open in a new tab. Always verify in a controlled environment before use.

Official Patches & Advisories

All References (34)

Quick Facts

CVE IDCVE-2020-12695
CVSS Score7.5 / 10
SeverityHIGH
WeaknessCWE-276
CISA KEVNo
Affected20 vendor(s)
PublishedJun 8, 2020

Related CVEs (CWE-276)

Recommended Actions

  • Apply vendor patches immediately
  • Monitor CVE-2020-12695 in threat intel feeds
  • Review IDS/IPS signatures for exploitation attempts
Data sourced from NVD (NIST), CISA KEV, and EPSS (FIRST). Analysis generated by CTIWATCH.COM. CVE data is provided under the NVD usage policy.