CallStranger
CVE-2020-12695
Data Exfiltration & Reflected Amplified TCP DDOS & Port Scan via UPnP SUBSCRIBE Callback
https://www.callstranger.com/
Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue.
Ok, CVE-2020-12695 Common Vulnerabilities and Exposures | SUSE
Overall state of this security issue: Does not affect SUSE products
But what to do with another equipment?