{"vulnerability": "CVE-2020-1161", "sightings": [{"uuid": "c8128cd8-d657-40ba-8c46-5ff394df952b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11618", "type": "seen", "source": "https://t.me/cibsecurity/14388", "content": "ATENTION\u203c New - CVE-2020-11618\n\nTHOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-31T18:55:32.000000Z"}, {"uuid": "b2a262a3-fc1a-48d9-a0b4-6151802169ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11617", "type": "seen", "source": "https://t.me/cibsecurity/14389", "content": "ATENTION\u203c New - CVE-2020-11617\n\nThe RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-31T18:55:33.000000Z"}]}