CPSEC-278: Cradlepoint Not Vulnerable to CVE-2020-12695 (aka CallStranger)
June 17, 2020
Summary: Cradlepoint does not use a version of UPnP that is vulnerable to CVE-2020-12695 (aka CallStranger). CallStranger takes advantage of a Callback header value in the UPnP Subscribe function, allowing for possible data exfiltration, DDOS and/or scanning internal ports from Internet facing UPnP devices. However, customers who improperly configure NCOS to allow unsolicited inbound connectivity to a local UPnP device connected to a Cradlepoint router may be affected.
Mitigation: In NCOS, UPnP Gateway is disabled and the zone-based firewall is configured with an explicit deny for unsolicited inbound traffic by default. It is recommended that customers do not enable the UPnP Gateway service, unless necessary, and use NetCloud Manager’s Remote Connect feature or NetCloud Perimeter as a secure alternative to port forwarding and/or DMZ.