{"vulnerability": "CVE-2019-2046", "sightings": [{"uuid": "58e24c00-08ee-4029-88c3-23946208cc14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20469", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113443600687965969", "content": "", "creation_timestamp": "2024-11-07T20:39:33.809692Z"}, {"uuid": "e90650b2-4728-45d7-b55c-c3a46d2a96dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20461", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113443600659853306", "content": "", "creation_timestamp": "2024-11-07T20:39:33.407936Z"}, {"uuid": "48766b10-5742-4579-b694-089d9f911d7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20462", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113443600674245516", "content": "", "creation_timestamp": "2024-11-07T20:39:33.563483Z"}, {"uuid": "1c3ba3db-7508-4691-8ef7-d8ae524434f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20469", "type": "seen", "source": "https://t.me/cvedetector/10134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2019-20469 - One2Track Physical Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2019-20469 \nPublished : Nov. 7, 2024, 9:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered on One2Track 2019-12-08 devices. Confidential information is needlessly stored on the smartwatch. Audio files are stored in .amr format, in the audior directory. An attacker who has physical access can retrieve all audio files by connecting via a USB cable. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T22:47:44.000000Z"}, {"uuid": "8cb5ff1f-4a8b-4941-9efd-391f797ecc11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20461", "type": "seen", "source": "https://t.me/cvedetector/10132", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2019-20461 - Vulnerability Title: Alecto IVM-100 Remote Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2019-20461 \nPublished : Nov. 7, 2024, 9:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device uses a custom UDP protocol to start and control video and audio services. The protocol has been partially reverse engineered. Based upon the reverse engineering, no password or username is ever transferred over this protocol. Thus, one can set up the camera connection feed with only the encoded UID. It is possible to set up sessions with the camera over the Internet by using the encoded UID and the custom UDP protocol, because authentication happens at the client side. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T22:47:40.000000Z"}, {"uuid": "16f28af9-b728-45a0-91f8-911281c7046c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20460", "type": "seen", "source": "https://t.me/cvedetector/10131", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2019-20460 - Epson Expression Home XP255 Cross-Site Request Forgery (CSRF)\", \n  \"Content\": \"CVE ID : CVE-2019-20460 \nPublished : Nov. 7, 2024, 9:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. POST requests don't require (anti-)CSRF tokens or other mechanisms for validating that the request is from a legitimate source. In addition, CSRF attacks can be used to send text directly to the RAW printer interface. For example, an attack could deliver a worrisome printout to an end user. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T22:47:39.000000Z"}, {"uuid": "898bf8d6-4b5d-4793-a776-dc9e18fc28d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20462", "type": "seen", "source": "https://t.me/cvedetector/10133", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2019-20462 - Alecto IVM-100 Serial Interface Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2019-20462 \nPublished : Nov. 7, 2024, 9:15 p.m. | 22\u00a0minutes ago \nDescription : An issue was discovered on Alecto IVM-100 2019-11-12 devices. The device comes with a serial interface at the board level. By attaching to this serial interface and rebooting the device, a large amount of information is disclosed. This includes the view password and the password of the Wi-Fi access point that the device used. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T22:47:43.000000Z"}, {"uuid": "aedda039-7430-4014-858b-6aa9b100e416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20467", "type": "seen", "source": "https://t.me/cibsecurity/26372", "content": "\u203c CVE-2019-20467 \u203c\n\nAn issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a TELNET interface available (which is not advertised or functionally used, but is nevertheless available). Two backdoor accounts (root and default) exist that can be used on this interface. The usernames and passwords of the backdoor accounts are the same on all devices. Attackers can use these backdoor accounts to obtain access and execute code as root within the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-22T16:36:20.000000Z"}, {"uuid": "f6f677ad-761c-4933-b240-fc6e03a32ede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20468", "type": "seen", "source": "https://t.me/cibsecurity/22928", "content": "\u203c CVE-2019-20468 \u203c\n\nAn issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, and READ_CONTACTS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-02T01:25:11.000000Z"}]}