AVG-1322 log
| Package | hostapd |
| Status | Fixed |
| Severity | Medium |
| Type | proxy injection |
| Affected | 2.9-3 |
| Fixed | 2.9-4 |
| Current | 2.11-4 [extra] |
| Ticket | FS#68861 |
| Created | Sat Dec 5 19:27:51 2020 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2020-12695 | Medium | Yes | Proxy injection | The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 09 Dec 2020 | ASA-202012-16 | hostapd | proxy injection |
| References |
|---|
https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt |