{"vulnerability": "CVE-2020-10136", "sightings": [{"uuid": "d4f8f804-2905-408d-88c3-a877557da2c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://social.circl.lu/users/circl/statuses/113831304477406737", "content": "", "creation_timestamp": "2025-01-15T07:57:45.455928Z"}, {"uuid": "e427b759-6b5f-4ae6-9eec-5b75aba501fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113952492447168187", "content": "", "creation_timestamp": "2025-02-05T17:37:25.956347Z"}, {"uuid": "06c3b2ae-5235-4b70-88fc-b18d318afa68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113952500992294064", "content": "", "creation_timestamp": "2025-02-05T17:39:36.455491Z"}, {"uuid": "d2666136-55e5-47bf-b1d8-5afea0738edd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/1589f952-6079-4a2c-b742-e8d947b50a39", "content": "", "creation_timestamp": "2025-01-15T07:52:57.708458Z"}, {"uuid": "dd63ef06-d30f-42bb-abc7-2cdc47a2a57b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=482", "content": "", "creation_timestamp": "2020-06-03T04:00:00.000000Z"}, {"uuid": "220780da-2a4f-41b8-a16d-b30faac0fd9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/ip-ip-protokollan-toteutuksissa-haavoittuvuuksia", "content": "", "creation_timestamp": "2020-06-03T12:39:40.000000Z"}, {"uuid": "a75682b1-a398-44ce-a76d-d0f11491123b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://t.me/cvedetector/15352", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-23018 - Arbor Networks Firewall IPv4/IPv6 Routing Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-23018 \nPublished : Jan. 14, 2025, 8:15 p.m. | 37\u00a0minutes ago \nDescription : IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T22:22:42.000000Z"}, {"uuid": "05594e8f-ab6e-4e4f-aa53-3f498ab06210", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "published-proof-of-concept", "source": "Telegram/S96jqAO-CMjWBUU7nj-ObwOSCjJs1eZghz1gYNvzGu99rqo", "content": "", "creation_timestamp": "2025-01-22T10:00:05.000000Z"}, {"uuid": "6c375ca0-5727-4977-bd9b-5ff001da4c07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1594", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-23018\n\ud83d\udd39 Description: IPv4-in-IPv6 and IPv6-in-IPv6 tunneling (RFC 2473) do not require the validation or verification of the source of a network packet, allowing an attacker to spoof and route arbitrary traffic via an exposed network interface. This is a similar issue to CVE-2020-10136.\n\ud83d\udccf Published: 2025-01-14T00:00:00\n\ud83d\udccf Modified: 2025-01-14T19:51:42.363Z\n\ud83d\udd17 References:\n1. https://datatracker.ietf.org/doc/html/rfc2473\n2. https://papers.mathyvanhoef.com/usenix2025-tunnels.pdf\n3. https://www.top10vpn.com/research/tunneling-protocol-vulnerability/", "creation_timestamp": "2025-01-14T20:09:11.000000Z"}, {"uuid": "98a2aed4-c0f2-423f-8105-a74f644ed15d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "seen", "source": "https://t.me/SecLabNews/7750", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u042f\u043d\u043d\u0435\u0439 \u041b\u0438\u0432\u043d\u0435\u0445 (Yannay Livneh) \u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Enigmatos \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2020-10136) \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Cisco Systems \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0432\u0435\u043d\u0434\u043e\u0440\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u043e\u043c \u0442\u0443\u043d\u043d\u0435\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f IP-in-IP. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c DoS-\u0430\u0442\u0430\u043a\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u043c\u0435\u0440\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.     \n\u0412 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Cisco \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 IP-in-IP-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c", "creation_timestamp": "2020-06-03T14:30:02.000000Z"}, {"uuid": "37bcf8ba-6b77-46ce-a65f-45a375b8da36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "published-proof-of-concept", "source": "Telegram/ZCyyLBVspoicYmnVRDpFsAn-PUOfjk4Zo72jxeO65MdecUc", "content": "", "creation_timestamp": "2025-01-24T04:00:08.000000Z"}, {"uuid": "fc3a28fb-215a-49cb-ae7c-ee36f23bfaca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1218", "content": "#exploit\n1. CVE-2020-9484:\nApache Tomcat (10.x <10.0.0-M5, 9.x <9.0.35, 8.x <8.5.55, 7.x <7.0.104) Vulnerability in NetApp Products\nhttps://www.redtimmy.com/java-hacking/apache-tomcat-rce-by-deserialization-cve-2020-9484-write-up-and-exploit\n]-> PoC: https://github.com/masahiro331/CVE-2020-9484\n\n2. CVE-2020-10136:\nA flaw in the IP-in-IP tunneling protocol that can be exploited for DoS attacks/bypass security controls impact devices from Cisco and other vendors\nhttps://securityaffairs.co/wordpress/104192/security/ip-in-ip-flaw-cisco.html\n]-> PoC: https://github.com/CERTCC/PoC-Exploits/tree/master/cve-2020-10136", "creation_timestamp": "2024-10-26T00:35:24.000000Z"}, {"uuid": "daf41f95-9859-43e2-bfbc-0d991bdcf62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10136", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11737", "content": "#exploit\n1. CVE-2020-10136, CVE-2024-7595:\nScanner and attack suite for hosts that forward unauthenticated packets via IPIP/GRE protocols\nhttps://github.com/GustavoHGP/ipeeyoupeewepee\n\n2. CVE-2024-55591:\nFortiOS/FortiProxy Authentication bypass in Node.js websocket module\nhttps://github.com/robomusk52/exp-cmd-add-admin-vpn-CVE-2024-55591\n\n3. CVE-2025-0411:\n7-Zip MotW Bypass\nhttps://github.com/CastroJared/7-Zip-CVE-2025-0411-POC", "creation_timestamp": "2025-01-27T11:31:38.000000Z"}]}