AVG-1322 log

Package hostapd
Status Fixed
Severity Medium
Type proxy injection
Affected 2.9-3
Fixed 2.9-4
Current 2.10-4 [extra]
Ticket FS#68861
Created Sat Dec 5 19:27:51 2020
Issue Severity Remote Type Description
CVE-2020-12695 Medium Yes Proxy injection
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a...
Date Advisory Package Type
09 Dec 2020 ASA-202012-16 hostapd proxy injection
References
https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt