{"uuid": "f4bea86d-8318-486d-8df7-c345d859809d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13777", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1238", "content": "#exploit\n1. CVE-2020-13777:\nGnuTLS 3.6.4 - 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2 + auth bypass in TLS 1.3), allowing MITM\nhttps://gitlab.com/gnutls/gnutls/-/issues/1011\n\n2. CVE-2020-12695\n(\"CallStranger\" UPNP Vuln):\nData Exfiltration/Reflected Amplified TCP DDoS/Port Scan via UPnP Subscribe Callback\nhttps://callstranger.com\n]-> PoC: https://github.com/yunuscadirci/CallStranger", "creation_timestamp": "2024-10-28T14:57:41.000000Z"}