Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers. The vulnerability stems from the issue residing in the Universal Plug and Play (UPnP) feature that allows devices to discover each other’s presence on the same local network and open ports needed to connect to the public Internet. In June 2020, security researcher Yunus adirci discovered what’s called a CallStranger vulnerability (CVE-2020-12695) in June 2020.”]
Source: https://thehackernews.com/2021/11/critical-root-rce-bug-affects-multiple.html