New CallStranger exploit takes advantage of UPnP vulnerability in millions of routers, gaming systems, TVs, printers, and other Internet-connected attachable devices.

New CallStranger exploit takes advantage of UPnP vulnerability

Researchers just announced the discovery of a UPnP vulnerability that impacts any UPnP device exposed on the Internet. The attack, called CallStranger (CVE-2020-12695), is being used for massive DDoS attacks , to exfiltrate data, and to scan ports from Internet-facing UPnP devices. How the CallStranger exploit works The attack takes advantage of a Callback header…

Read more