{"vulnerability": "CVE-2020-1021", "sightings": [{"uuid": "a1e21182-c870-4d88-9ff3-4b0d0d627ef0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10213", "type": "seen", "source": "https://t.me/arpsyndicate/1909", "content": "#ExploitObserverAlert\n\nCVE-2020-10213\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-10213. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.\n\nFIRST-EPSS: 0.003270000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T04:14:23.000000Z"}, {"uuid": "fe1cbe9f-e50d-4b31-b14a-42d103b196c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1021", "type": "published-proof-of-concept", "source": "https://t.me/hybgl/229", "content": "#windows #cve #writeup\n\n[ CVE-2020-1021  \u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435 \u043b\u044e\u0431\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432 \u0432\u0435\u0434\u0440\u0435 \u0432\u0438\u043d\u0434\u0435 ]\n\nhttps://github.com/guhe120/Windows-EoP/blob/master/CVE-2020-1021/writeup.docx", "creation_timestamp": "2020-05-28T01:05:36.000000Z"}, {"uuid": "0bb99475-5937-41af-8ff7-bbad40e8a196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1021", "type": "seen", "source": "https://t.me/cibsecurity/12233", "content": "ATENTION\u203c New - CVE-2020-1021\n\nAn elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-22T02:55:22.000000Z"}, {"uuid": "0ad84060-75d6-4ef0-be0f-fe0e8e147ee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10215", "type": "seen", "source": "https://t.me/arpsyndicate/2028", "content": "#ExploitObserverAlert\n\nCVE-2020-10215\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-10215. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected.\n\nFIRST-EPSS: 0.003270000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T17:03:35.000000Z"}, {"uuid": "bda1a5c4-1416-4c07-8ecb-c26732529cff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10214", "type": "seen", "source": "https://t.me/arpsyndicate/2009", "content": "#ExploitObserverAlert\n\nCVE-2020-10214\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2020-10214. An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server.\n\nFIRST-EPSS: 0.001210000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T15:10:24.000000Z"}, {"uuid": "c87cf631-634a-4fa3-9f57-d0cec1ccce04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1021", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1163", "content": "#exploit\n1. CVE-2020-1021:\nWindows Error Reporting Service CWerService::SvcCollectMemoryInfo Race Condition Arbitrary File Deletion EoP\nhttps://github.com/guhe120/Windows-EoP/blob/master/CVE-2020-1021/writeup.docx\n\n2. CVE-2020-8871: \nPrivilege Escalation in Mac Parallels Desktop via VGA Device\nhttps://www.zerodayinitiative.com/blog/2020/5/20/cve-2020-8871-privilege-escalation-in-parallels-desktop-via-vga-device", "creation_timestamp": "2024-10-24T17:28:58.000000Z"}]}