Description
An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause a denial of service via an unchecked CALLBACK parameter in the request header
Remediation
References
https://github.com/4thline/cling/issues/253
https://zh-cn.tenable.com/blog/cve-2020-12695-callstranger-vulnerability-in-universal-plug-and-play-upnp-puts-billions-of?tns_redirect=true
Related Vulnerabilities
CVE-2019-15953 Vulnerability in npm package total.js
CVE-2023-50730 Vulnerability in maven package edu.gemini:gsp-graphql-core_native0.4_2.13
CVE-2023-40312 Vulnerability in maven package org.opennms:opennms-webapp
CVE-2023-37942 Vulnerability in maven package org.jenkins-ci.plugins:external-monitor-job
CVE-2022-36083 Vulnerability in maven package org.webjars.npm:jose