{"vulnerability": "CVE-2020-1023", "sightings": [{"uuid": "bee78c06-32c2-4e0d-95da-339e7da91165", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10234", "type": "seen", "source": "https://t.me/arpsyndicate/2004", "content": "#ExploitObserverAlert\n\nCVE-2020-10234\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2020-10234. The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function: 0x8001E000, 0x8001E004, 0x8001E008, 0x8001E00C, 0x8001E010, 0x8001E014, 0x8001E020, 0x8001E024, 0x8001E040, 0x8001E044, and 0x8001E048. \\DosDevices\\AscRegistryFilter and \\Device\\AscRegistryFilter are affected.\n\nFIRST-EPSS: 0.001280000\nNVD-IS: 3.6\nNVD-ES: 2.8", "creation_timestamp": "2023-12-18T14:40:57.000000Z"}, {"uuid": "573e9451-456f-44e2-88da-4f924b5e13ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1023", "type": "seen", "source": "https://t.me/VulnerabilityNews/14729", "content": "A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.\nPublished at: May 22, 2020 at 01:15AM\nView on website", "creation_timestamp": "2020-05-22T02:46:07.000000Z"}, {"uuid": "cb3007ca-1417-414c-8f05-dba9c8a003d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10234", "type": "seen", "source": "https://t.me/cibsecurity/23179", "content": "\u203c CVE-2020-10234 \u203c\n\nThe AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode parameter, a kernel panic (aka BSOD) follows. The IOCTL codes can be found in the dispatch function: 0x8001E000, 0x8001E004, 0x8001E008, 0x8001E00C, 0x8001E010, 0x8001E014, 0x8001E020, 0x8001E024, 0x8001E040, 0x8001E044, and 0x8001E048. \\DosDevices\\AscRegistryFilter and \\Device\\AscRegistryFilter are affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-05T22:35:36.000000Z"}, {"uuid": "96c3da1f-8987-43ea-b3eb-87f6017b17d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10231", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/888", "content": "#exploit\nCVE-2020-10231:\nCloud Cameras NCxx (NC200/210/220/230/250/260/450) - Remote NULL Pointer Dereference\nhttps://packetstormsecurity.com/files/157048/tplinkccncxxx-nullpointer.txt\n// Affected version: \n    NC200<=2.1.8 build 171109\n    NC210<=1.0.9 build 171214\n    NC220<=1.3.0 build 180105\n    NC230<=1.3.0 build 171205\n    NC250<=1.3.0 build 171205\n    NC260<=1.5.1 build 190805\n    NC450<=1.5.0 build 181022", "creation_timestamp": "2024-10-18T17:00:39.000000Z"}, {"uuid": "83116328-cc69-4617-86d4-104e873880d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10231", "type": "seen", "source": "https://t.me/cibsecurity/10906", "content": "ATENTION\u203c New - CVE-2020-10231\n\nTP-Link NC200 through 2.1.8_Build_171109, NC210 through 1.0.9_Build_171214, NC220 through 1.3.0_Build_180105, NC230 through 1.3.0_Build_171205, NC250 through 1.3.0_Build_171205, NC260 through 1.5.1_Build_190805, and NC450 through 1.5.0_Build_181022 devices allow a remote NULL Pointer Dereference.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-01T19:28:26.000000Z"}, {"uuid": "12680545-3528-4144-8d14-d72ff323b64e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1023", "type": "seen", "source": "https://t.me/cibsecurity/12232", "content": "ATENTION\u203c New - CVE-2020-1023\n\nA remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1024, CVE-2020-1102.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-22T02:55:21.000000Z"}, {"uuid": "002fb9d4-fc86-4ad6-b2db-154bc0df7780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1023", "type": "seen", "source": "https://t.me/cibsecurity/12231", "content": "ATENTION\u203c New - CVE-2020-1024\n\nA remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-22T02:55:20.000000Z"}]}