{"vulnerability": "CVE-2020-1192", "sightings": [{"uuid": "87b5ceb7-9600-47ed-9edc-da67c4a529a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11921", "type": "seen", "source": "https://t.me/cvedetector/10125", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2020-11921 - Lush 2 Bluetooth Encryption Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2020-11921 \nPublished : Nov. 7, 2024, 6:15 p.m. | 45\u00a0minutes ago \nDescription : An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic encryption, it is possible to hijack an ongoing Bluetooth connection between the Lush 2 and a mobile phone. This allows an attacker to gain full control over the device. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T20:17:14.000000Z"}, {"uuid": "0b2db615-60e4-4c78-847a-f55924f9366a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11926", "type": "seen", "source": "https://t.me/cvedetector/10124", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2020-11926 - Luvion Grand Elite 3 Connect Authentication Bypass and Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2020-11926 \nPublished : Nov. 7, 2024, 6:15 p.m. | 45\u00a0minutes ago \nDescription : An issue was discovered in Luvion Grand Elite 3 Connect through 2020-02-25. Clients can authenticate themselves to the device using a username and password. These credentials can be obtained through an unauthenticated web request, e.g., for a JavaScript file. Also, the disclosed information includes the SSID and WPA2 key for the Wi-Fi network the device is connected to. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T20:17:13.000000Z"}, {"uuid": "a721f1bd-50b3-4e85-a7ad-b6e9d706bcd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-11920", "type": "seen", "source": "https://t.me/cibsecurity/23201", "content": "\u203c CVE-2020-11920 \u203c\n\nAn issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulnerability resides in the HOST/IP section of the NFS settings menu in the webserver running on the device. By injecting Bash commands via shell metacharacters here, the device executes arbitrary code with root privileges (all of the device's services are running as root).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-08T07:38:55.000000Z"}]}