{"vulnerability": "CVE-2020-1277", "sightings": [{"uuid": "e6595fc7-4fe1-4256-a246-29946206b9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12775", "type": "seen", "source": "https://t.me/cibsecurity/38242", "content": "\u203c CVE-2020-12775 \u203c\n\nHicos citizen certificate client-side component does not filter special characters for command parameters in specific web URLs. An unauthenticated remote attacker can exploit this vulnerability to perform command injection attack to execute arbitrary system command, disrupt system or terminate service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-01T07:23:43.000000Z"}, {"uuid": "27700f7a-ea92-49f0-8562-4c7d26a5d6fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12774", "type": "seen", "source": "https://t.me/cibsecurity/13579", "content": "ATENTION\u203c New - CVE-2020-12774\n\nD-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to inject arbitrary command.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-07-22T12:55:25.000000Z"}, {"uuid": "323773cd-12db-4663-a9c4-5d724b4194ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12776", "type": "seen", "source": "https://t.me/cibsecurity/14400", "content": "ATENTION\u203c New - CVE-2020-12776\n\nOpenfind Mail2000 contains Broken Access Control vulnerability, which can be used to execute unauthorized commands after attackers obtain the administrator access token or cookie.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-01T12:55:34.000000Z"}, {"uuid": "abd7f5ef-0772-4ada-b1a5-d4450d6ebb24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12777", "type": "seen", "source": "https://t.me/cibsecurity/13993", "content": "ATENTION\u203c New - CVE-2020-12777\n\nA function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-10T07:55:31.000000Z"}, {"uuid": "6170f30d-7b9a-423e-89f6-83f054fa41c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12779", "type": "seen", "source": "https://t.me/cibsecurity/13991", "content": "ATENTION\u203c New - CVE-2020-12779\n\nCombodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-10T07:55:29.000000Z"}, {"uuid": "c8b13e5b-891b-4903-8094-4983d70c0f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12778", "type": "seen", "source": "https://t.me/cibsecurity/13992", "content": "ATENTION\u203c New - CVE-2020-12778\n\nCombodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-10T07:55:30.000000Z"}]}