{"vulnerability": "CVE-2019-20933", "sightings": [{"uuid": "ca598546-8d92-4602-97af-743bb4f738a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-05)", "content": "", "creation_timestamp": "2025-02-05T00:00:00.000000Z"}, {"uuid": "eaf6de36-0270-4795-8fad-c51bb4cbe26c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-29)", "content": "", "creation_timestamp": "2024-11-29T00:00:00.000000Z"}, {"uuid": "a375af87-d636-48ac-ac88-d3fdcc89f78c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-15)", "content": "", "creation_timestamp": "2025-03-15T00:00:00.000000Z"}, {"uuid": "6fa06a67-2c18-40f2-b408-1955137b3947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-11-12)", "content": "", "creation_timestamp": "2024-11-12T00:00:00.000000Z"}, {"uuid": "1fee2b7b-e04b-4feb-8b37-ca1c840e11c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-12)", "content": "", "creation_timestamp": "2024-12-12T00:00:00.000000Z"}, {"uuid": "aca27017-1ba5-44b0-9579-932db44aeb51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-03-12)", "content": "", "creation_timestamp": "2025-03-12T00:00:00.000000Z"}, {"uuid": "aa8d98e9-92e3-4dbb-8346-59d2ddab58f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-01)", "content": "", "creation_timestamp": "2025-04-01T00:00:00.000000Z"}, {"uuid": "6e592ef6-ff50-40c6-937f-9481383292a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "e2e9bb6f-3551-4ec3-b5e3-a8b5fb1435e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "84867755-7b11-45ad-83e2-9a26fafae0e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-01)", "content": "", "creation_timestamp": "2025-07-01T00:00:00.000000Z"}, {"uuid": "ecd30984-b14e-4e13-9a43-6b2b0b5c3afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-30)", "content": "", "creation_timestamp": "2025-06-30T00:00:00.000000Z"}, {"uuid": "559e0534-0ef5-4aef-9b67-4ff06fa5c296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-01)", "content": "", "creation_timestamp": "2025-08-01T00:00:00.000000Z"}, {"uuid": "1cdd503f-ddae-4b64-a747-ff853e6ae73b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-16)", "content": "", "creation_timestamp": "2025-09-16T00:00:00.000000Z"}, {"uuid": "1e47a064-df55-4f34-a66c-45acca1ee378", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-07)", "content": "", "creation_timestamp": "2025-09-07T00:00:00.000000Z"}, {"uuid": "b4421091-6e88-4f6f-bce4-06e2400c8f89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-07)", "content": "", "creation_timestamp": "2025-04-07T00:00:00.000000Z"}, {"uuid": "271a6ff3-a1a6-41d6-b274-3d48a795537b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-25)", "content": "", "creation_timestamp": "2026-01-25T00:00:00.000000Z"}, {"uuid": "4d63a629-9dd3-45a9-98f8-44371cf3d877", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-11)", "content": "", "creation_timestamp": "2025-09-11T00:00:00.000000Z"}, {"uuid": "c66ba9b4-ffdb-41d7-b675-bf82dcc84cb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-26)", "content": "", "creation_timestamp": "2026-01-26T00:00:00.000000Z"}, {"uuid": "d017224c-30ad-4e95-84e9-d44e01b2dd1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/influxdb_cve_2019_20933", "content": "", "creation_timestamp": "2023-03-06T21:00:32.000000Z"}, {"uuid": "0251fae1-8027-4fac-8457-bb6a6a21b4d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-03)", "content": "", "creation_timestamp": "2026-05-03T00:00:00.000000Z"}, {"uuid": "a06a467c-074e-4bd5-ba3c-8b051d42cbd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "https://t.me/pt_soft/21", "content": "The JSON Web Token Toolkit v2\n\n\ud83d\udc0d A toolkit for testing, tweaking and cracking JSON Web Tokens\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0432\u0430\u043b\u0438\u0434\u043d\u043e\u0441\u0442\u044c\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n(CVE-2015-2951) alg=none\n(CVE-2016-10555) RS/HS256 public key mismatch\n(CVE-2018-0114) Key injection\n(CVE-2019-20933/CVE-2020-28637) Blank password\n(CVE-2020-28042) Null signature\n\n#json #jwt #jwt_tool #json_web_token", "creation_timestamp": "2023-08-02T10:00:03.000000Z"}, {"uuid": "3c12ba93-47b6-4b66-b6ce-c3675597d322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "https://t.me/pt_soft/12", "content": "The JSON Web Token Toolkit v2\n\n\ud83d\udc0d A toolkit for testing, tweaking and cracking JSON Web Tokens\n\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0432\u0430\u043b\u0438\u0434\u043d\u043e\u0441\u0442\u044c\n\u041f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043d\u0430 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438:\n(CVE-2015-2951) alg=none\n(CVE-2016-10555) RS/HS256 public key mismatch\n(CVE-2018-0114) Key injection\n(CVE-2019-20933/CVE-2020-28637) Blank password\n(CVE-2020-28042) Null signature\n\n#json #jwt #jwt_tool #json_web_token", "creation_timestamp": "2023-08-02T10:00:03.000000Z"}, {"uuid": "201e1379-ead9-45c0-9a3f-4ac9dcc72db8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "https://t.me/arpsyndicate/1560", "content": "#ExploitObserverAlert\n\nCVE-2019-20933\n\nDESCRIPTION: Exploit Observer has 23 entries related to CVE-2019-20933. InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).\n\nFIRST-EPSS: 0.049130000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-08T12:31:59.000000Z"}, {"uuid": "e3fcde7a-6efd-426f-8b45-28d36600cc83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "published-proof-of-concept", "source": "https://t.me/cybersecs/528", "content": "\u041f\u0440\u043e\u0445\u043e\u0436\u0434\u0435\u043d\u0438\u0435 HTB Devzat\n\n\u0412 \u044d\u0442\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u043c\u044b \u0440\u0430\u0437\u00ad\u0431\u0435\u0440\u0435\u043c \u0441\u0440\u0435\u0434\u043d\u044e\u044e \u043f\u043e \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043c\u0430\u0448\u0438\u043d\u0443 \u0438\u0437 HTB \u2014\u00a0Devzat. \u041d\u0430 \u043f\u0440\u0438\u00ad\u043c\u0435\u0440\u0435 \u0435\u0451 \u043f\u0440\u043e\u00ad\u0445\u043e\u0436\u00ad\u0434\u0435\u043d\u0438\u044f \u0442\u044b \u043d\u0430\u0443\u0447\u0438\u0448\u044c\u00ad\u0441\u044f \u044d\u043a\u0441\u00ad\u043f\u043b\u0443\u00ad\u0430\u0442\u0438\u00ad\u0440\u043e\u0432\u0430\u0442\u044c CVE-2019-20933,\u00a0\u0434\u0430\u043c\u043f\u0438\u0442\u044c\u00a0\u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435\u00a0Git\u00a0\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438, \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u044c\u00a0command\u00a0injection\u00a0\u0432 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u0440\u0443\u0442 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0442\u0435\u0445\u00ad\u043d\u0438\u043a\u0438\u00a0path\u00a0traversal. \u0421\u043b\u043e\u0432\u0430\u0440\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0439\u0442\u0438\u00a0\u0442\u0443\u0442.\u00a0 \u0421\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0440\u0442\u043e\u0432 IP \u043c\u0430\u0448\u0438\u043d\u044b \u2014 10.10.11.118, \u0441\u0440\u0430\u0437\u0443 \u0437\u0430\u043d\u043e\u0441\u0438\u043c \u0435\u0433\u043e \u0432 /etc/hosts:\u00a0 \u0421\u043a\u0430\u00ad\u043d\u0438\u0440\u043e\u00ad\u0432\u0430\u043d\u0438\u0435 \u043f\u043e\u0440\u00ad\u0442\u043e\u0432 \u2014 \u0441\u0442\u0430\u043d\u00ad\u0434\u0430\u0440\u00ad\u0442\u043d\u044b\u0439 \u043f\u0435\u0440\u00ad\u0432\u044b\u0439 \u0448\u0430\u0433 \u043f\u0440\u0438 \u043b\u044e\u0431\u043e\u0439 \u0430\u0442\u0430\u00ad\u043a\u0435. \u041e\u043d\u2026\n\nhttps://cybersec.org/ctf/prohozhdenie-htb-devzat.html", "creation_timestamp": "2022-01-19T18:02:44.000000Z"}, {"uuid": "861c9409-a34b-4e6c-99a7-c61a892a2a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-20933", "type": "seen", "source": "https://t.me/cibsecurity/16573", "content": "\u203c CVE-2019-20933 \u203c\n\nInfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-19T07:41:05.000000Z"}]}