{"vulnerability": "CVE-2020-1377", "sightings": [{"uuid": "54ca14b9-12ef-4b62-963f-aa5823013b35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13776", "type": "seen", "source": "https://mstdn.social/users/jschauma/statuses/114501899617662908", "content": "", "creation_timestamp": "2025-05-13T18:18:54.499381Z"}, {"uuid": "4a3c77fa-cc97-4cf4-b5c1-de657f8944ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1377", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T07:05:54.874000Z"}, {"uuid": "045d9908-8f20-4d24-92bd-f4e9d143ddc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1377", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2025/05/the-windows-registry-adventure-8-exploitation.html", "content": "", "creation_timestamp": "2025-05-28T16:09:15.861000Z"}, {"uuid": "62cb46ee-2061-41ba-abf7-33e3a3e5dc01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13776", "type": "seen", "source": "https://bsky.app/profile/jschauma.mstdn.social.ap.brid.gy/post/3lp33vpam6zr2", "content": "", "creation_timestamp": "2025-05-13T18:21:31.254921Z"}, {"uuid": "8e20d1fe-5fb5-4b42-a9f4-049d8a44b44b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1377", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-8-exploitation.html", "content": "", "creation_timestamp": "2025-05-28T05:00:00.000000Z"}, {"uuid": 
"a60343d3-c39e-400a-ae07-27f7d49389b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-1377", "type": "seen", "source": "https://projectzero.google/2025/05/the-windows-registry-adventure-7-attack-surface.html", "content": "", "creation_timestamp": "2025-05-23T05:00:00.000000Z"}, {"uuid": "369579c3-5f3f-4250-822c-309f5dcc3368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13777", "type": "seen", "source": "https://t.me/SecLabNews/7811", "content": "\u0412 \u0432\u0435\u0440\u0441\u0438\u0438 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 GnuTLS 3.6.4, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u0439 \u0434\u043b\u044f \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c API \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0439 \u0441\u0432\u044f\u0437\u0438 \u043f\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430\u043c \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u043e\u0433\u043e \u0443\u0440\u043e\u0432\u043d\u044f, \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2020-13777). 
\u0415\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043e\u0437\u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0440\u0430\u043d\u0435\u0435 \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u0430\u043d\u0441 TLS \u0431\u0435\u0437 \u0441\u0435\u0441\u0441\u0438\u043e\u043d\u043d\u043e\u0433\u043e \u043a\u043b\u044e\u0447\u0430, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c MitM-\u0430\u0442\u0430\u043a\u0443.    \n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 GnuTLS \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c MitM-\u0430\u0442\u0430\u043a\u0438", "creation_timestamp": "2020-07-20T08:49:48.000000Z"}, {"uuid": "f6869ac5-086e-4f0a-89ec-837586299de9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13777", "type": "seen", "source": "https://t.me/canyoupwnme/6554", "content": "CVE-2020-13777 GnuTLS audit: be scared\nhttps://anarc.at/blog/2020-06-10-gnutls-audit/", "creation_timestamp": "2020-07-28T12:06:25.000000Z"}, {"uuid": "f4bea86d-8318-486d-8df7-c345d859809d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13777", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1238", "content": "#exploit\n1. CVE-2020-13777:\nGnuTLS 3.6.4 - 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2 + auth bypass in TLS 1.3), allowing MITM\nhttps://gitlab.com/gnutls/gnutls/-/issues/1011\n\n2. 
CVE-2020-12695\n(\"CallStranger\" UPNP Vuln):\nData Exfiltration/Reflected Amplified TCP DDoS/Port Scan via UPnP Subscribe Callback\nhttps://callstranger.com\n]-> PoC: https://github.com/yunuscadirci/CallStranger", "creation_timestamp": "2024-10-28T14:57:41.000000Z"}, {"uuid": "e68e9b37-6e71-41ac-886c-ec7c5e44638b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13771", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2098", "content": "#Blue_Team_Techniques\nDetecting known DLL hijacking and named pipe token impersonation attacks with Sysmon (specifically addressing\u00a0CVE-2020-13770,\u00a0CVE-2020-13771)\nhttps://labs.jumpsec.com/detecting-known-dll-hijacking-and-named-pipe-token-impersonation-attacks-with-sysmon", "creation_timestamp": "2025-01-27T15:51:52.000000Z"}, {"uuid": "74641167-8cc3-47fd-b85a-7728a7e85a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13770", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2098", "content": "#Blue_Team_Techniques\nDetecting known DLL hijacking and named pipe token impersonation attacks with Sysmon (specifically addressing\u00a0CVE-2020-13770,\u00a0CVE-2020-13771)\nhttps://labs.jumpsec.com/detecting-known-dll-hijacking-and-named-pipe-token-impersonation-attacks-with-sysmon", "creation_timestamp": "2025-01-27T15:51:52.000000Z"}, {"uuid": "17ae2477-8308-4423-b9b8-5f98643c3c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13773", "type": "seen", "source": "https://t.me/cibsecurity/16361", "content": "\u203c CVE-2020-13773 \u203c\n\nIvanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, 
/LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-16T18:37:48.000000Z"}, {"uuid": "a07d6f62-3b0c-422d-a733-1693d255681f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13778", "type": "seen", "source": "https://t.me/cibsecurity/15367", "content": "\u203c CVE-2020-13778 \u203c\n\nrConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-19T16:46:10.000000Z"}, {"uuid": "86408a89-17cf-470d-a7b2-f0a520b97e3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13772", "type": "seen", "source": "https://t.me/cibsecurity/16351", "content": "\u203c CVE-2020-13772 \u203c\n\nIn /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-16T18:37:38.000000Z"}]}