{"vulnerability": "CVE-2020-1082", "sightings": [{"uuid": "ef377a5a-11b0-4bb8-8658-c9f40dc1c39c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10828", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14930", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-10828\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.\n\ud83d\udccf Published: 2020-03-26T16:05:21.000Z\n\ud83d\udccf Modified: 2025-05-05T17:08:28.420Z\n\ud83d\udd17 References:\n1. https://slashd.ga/2020/03/draytek-vulnerabilities/\n2. https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability/", "creation_timestamp": "2025-05-05T17:20:16.000000Z"}, {"uuid": "009b3103-f53b-409f-ad71-1d9c22f667bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10827", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14929", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-10827\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.\n\ud83d\udccf Published: 2020-03-26T16:05:12.000Z\n\ud83d\udccf Modified: 2025-05-05T17:08:37.234Z\n\ud83d\udd17 References:\n1. https://slashd.ga/2020/03/draytek-vulnerabilities/\n2. https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability/", "creation_timestamp": "2025-05-05T17:20:15.000000Z"}, {"uuid": "e32d2255-7ff4-47a6-838d-b29141154f9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10826", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14928", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-10826\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: /cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.\n\ud83d\udccf Published: 2020-03-26T16:05:03.000Z\n\ud83d\udccf Modified: 2025-05-05T17:08:47.869Z\n\ud83d\udd17 References:\n1. https://slashd.ga/2020/03/draytek-vulnerabilities/\n2. https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability/", "creation_timestamp": "2025-05-05T17:20:14.000000Z"}, {"uuid": "88ca6f8c-4012-477e-b2a9-ae1f80129095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10824", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14925", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-10824\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).\n\ud83d\udccf Published: 2020-03-26T16:04:44.000Z\n\ud83d\udccf Modified: 2025-05-05T17:09:08.315Z\n\ud83d\udd17 References:\n1. https://slashd.ga/2020/03/draytek-vulnerabilities/\n2. https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability/", "creation_timestamp": "2025-05-05T17:20:08.000000Z"}, {"uuid": "9353c716-abba-4b28-bb6f-e6693d3962df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10825", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14926", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-10825\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).\n\ud83d\udccf Published: 2020-03-26T16:04:57.000Z\n\ud83d\udccf Modified: 2025-05-05T17:08:58.060Z\n\ud83d\udd17 References:\n1. https://slashd.ga/2020/03/draytek-vulnerabilities/\n2. https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability/", "creation_timestamp": "2025-05-05T17:20:09.000000Z"}, {"uuid": "151c09af-97e3-4bb3-8ccb-51158c82925f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10823", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14924", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-10823\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).\n\ud83d\udccf Published: 2020-03-26T16:04:38.000Z\n\ud83d\udccf Modified: 2025-05-05T17:09:19.117Z\n\ud83d\udd17 References:\n1. https://slashd.ga/2020/03/draytek-vulnerabilities/\n2. https://www.draytek.com/about/security-advisory/vigor3900-/-vigor2960-/-vigor300b-stack-based-buffer-overflow-vulnerability/", "creation_timestamp": "2025-05-05T17:20:07.000000Z"}, {"uuid": "ed949994-afb7-45c0-a0d6-2049c400002e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1082", "type": "seen", "source": "https://t.me/VulnerabilityNews/14731", "content": "An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.\nPublished at: May 22, 2020 at 01:15AM\nView on website", "creation_timestamp": "2020-05-22T02:46:09.000000Z"}, {"uuid": "db358e62-bf5d-45c9-9e56-2e9dfa33be31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10823", "type": "seen", "source": "https://t.me/cibsecurity/10801", "content": "ATENTION\u203c New - CVE-2020-10823\n\nA stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-30T09:47:25.000000Z"}, {"uuid": "747afc7f-bad6-497d-a7d6-c68ff4d6d91c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1082", "type": "seen", "source": "https://t.me/cibsecurity/12233", "content": "ATENTION\u203c New - CVE-2020-1021\n\nAn elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1082, CVE-2020-1088.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-22T02:55:22.000000Z"}]}