{"vulnerability": "CVE-2020-1155", "sightings": [{"uuid": "6159edc0-61c2-4e87-a924-e9529cb987a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11552", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1703", "content": "#exploit\nCVE-2020-11552:\nA critical vulnerability in ManageEngine ADSelfService Plus\nhttps://itsecurity.org/critical-manageengine-adselfservice-plus-rce-flaw-patched\n]-> PoC: https://seclists.org/fulldisclosure/2020/Aug/4", "creation_timestamp": "2022-12-07T21:16:35.000000Z"}, {"uuid": "607b2cfa-e4c9-4572-95ec-edaba42e35ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11553", "type": "seen", "source": "https://t.me/cibsecurity/11208", "content": "ATENTION\u203c New - CVE-2020-11553 (snmpc_online)\n\nAn issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-14T11:14:09.000000Z"}, {"uuid": "d6afd262-fe23-4786-bab1-36d84b9d6a86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11557", "type": "seen", "source": "https://t.me/cibsecurity/11203", "content": "ATENTION\u203c New - CVE-2020-11557 (snmpc_online)\n\nAn issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-14T10:14:17.000000Z"}, {"uuid": "7fa95bb1-ee35-46c3-918f-1fe67562f19e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11556", "type": "seen", "source": "https://t.me/cibsecurity/11204", "content": "ATENTION\u203c New - CVE-2020-11556 (snmpc_online)\n\nAn issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflected XSS vulnerabilities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-14T10:14:18.000000Z"}, {"uuid": "be5c6cf4-5ce9-413e-b01b-c1f332d7dd99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11555", "type": "seen", "source": "https://t.me/cibsecurity/11205", "content": "ATENTION\u203c New - CVE-2020-11555 (snmpc_online)\n\nAn issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive credential information from backup files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-14T10:14:19.000000Z"}, {"uuid": "bb77612b-bf97-4af6-94e8-ff12809b63af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11554", "type": "seen", "source": "https://t.me/cibsecurity/11206", "content": "ATENTION\u203c New - CVE-2020-11554 (snmpc_online)\n\nAn issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive information via info.php4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-14T10:14:20.000000Z"}, {"uuid": "58ea62c2-a44e-4398-aa70-46086fd07b1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11552", "type": "seen", "source": "https://t.me/cibsecurity/14041", "content": "ATENTION\u203c New - CVE-2020-11552\n\nAn elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog. This vulnerability could allow an unauthenticated attacker to escalate privileges on a Windows host. An attacker does not require any privilege on the target system in order to exploit this vulnerability. One option is the self-service option on the Windows login screen. Upon selecting this option, the thick-client software is launched, which connects to a remote ADSelfService Plus server to facilitate self-service operations. An unauthenticated attacker having physical access to the host could trigger a security alert by supplying a self-signed SSL certificate to the client. The View Certificate option from the security alert allows an attacker to export a displayed certificate to a file. This can further cascade to a dialog that can open Explorer as SYSTEM. By navigating from Explorer to \\windows\\system32, cmd.exe can be launched as a SYSTEM.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-11T20:55:25.000000Z"}]}