{"vulnerability": "CVE-2020-1398", "sightings": [{"uuid": "4537e449-6471-4c83-b235-47e8add560ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13980", "type": "seen", "source": "https://t.me/arpsyndicate/4768", "content": "#ExploitObserverAlert\n\nCVE-2020-13980\n\nDESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2020-13980. OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists because of an incomplete fix for CVE-2020-10596. The vendor states \"this is not a massive issue as you are still required to be logged into the admin.\n\nFIRST-EPSS: 0.000720000\nNVD-IS: 2.7\nNVD-ES: 1.7\nARPS-PRIORITY: 0.8285297", "creation_timestamp": "2024-04-23T19:23:31.000000Z"}, {"uuid": "64a97fd9-2dd9-4284-b07f-4cffebec4037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13987", "type": "seen", "source": "https://t.me/cibsecurity/20566", "content": "\u203c CVE-2020-13987 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:36:07.000000Z"}, {"uuid": "23702291-e838-4a1a-b5d5-19302c86a6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13984", "type": "seen", "source": "https://t.me/cibsecurity/20562", "content": "\u203c CVE-2020-13984 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:36:03.000000Z"}, {"uuid": "dcc0b16b-c951-4edf-9992-539b20e9971b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13986", "type": "seen", "source": "https://t.me/cibsecurity/20580", "content": "\u203c CVE-2020-13986 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:45:54.000000Z"}, {"uuid": "6e2887b7-1be1-455d-8e3b-6e94f3656a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13984", "type": "seen", "source": "https://t.me/cibsecurity/20582", "content": "\u203c CVE-2020-13984 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:45:59.000000Z"}, {"uuid": "96049c7b-bb94-4df1-8df3-97e53e49a90c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13985", "type": "seen", "source": "https://t.me/cibsecurity/20584", "content": "\u203c CVE-2020-13985 \u203c\n\nAn issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:46:00.000000Z"}, {"uuid": "9bf4c1f9-40eb-4ad0-958d-f93d7762fbfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13988", "type": "seen", "source": "https://t.me/cibsecurity/20583", "content": "\u203c CVE-2020-13988 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:45:59.000000Z"}, {"uuid": "64c6bb94-19fd-4c0c-b5ff-33feb0a4256c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13987", "type": "seen", "source": "https://t.me/cibsecurity/20645", "content": "\u203c CVE-2020-13987 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:33.000000Z"}, {"uuid": "b9468df9-1601-4513-b354-50880a2e3cdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13985", "type": "seen", "source": "https://t.me/cibsecurity/20643", "content": "\u203c CVE-2020-13985 \u203c\n\nAn issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:31.000000Z"}, {"uuid": "8d34ea36-728b-4a1b-92f5-d729c1709152", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13988", "type": "seen", "source": "https://t.me/cibsecurity/20642", "content": "\u203c CVE-2020-13988 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:30.000000Z"}, {"uuid": "01ecebf0-fc35-491c-b391-2931152cbc03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13984", "type": "seen", "source": "https://t.me/cibsecurity/20641", "content": "\u203c CVE-2020-13984 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:29.000000Z"}, {"uuid": "5996297d-f7ff-4943-a91d-7a96e80ccdd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13986", "type": "seen", "source": "https://t.me/cibsecurity/20639", "content": "\u203c CVE-2020-13986 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T02:25:24.000000Z"}, {"uuid": "37b265cb-ae4a-4723-9265-1fcbb387b65e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13987", "type": "seen", "source": "https://t.me/cibsecurity/20586", "content": "\u203c CVE-2020-13987 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:46:03.000000Z"}, {"uuid": "acb0314d-411f-4c61-a5f6-f3f42402d3ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13987", "type": "seen", "source": "https://t.me/cibsecurity/20625", "content": "\u203c CVE-2020-13987 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:24.000000Z"}, {"uuid": "ccb8906c-c9df-4f6c-a467-e4bb5471d969", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13985", "type": "seen", "source": "https://t.me/cibsecurity/20623", "content": "\u203c CVE-2020-13985 \u203c\n\nAn issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:22.000000Z"}, {"uuid": "9fed65a5-7cf1-49f6-9b63-52d881d997ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13988", "type": "seen", "source": "https://t.me/cibsecurity/20622", "content": "\u203c CVE-2020-13988 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:21.000000Z"}, {"uuid": "bd1ed1b9-7a53-4e59-b2e4-34a995a8b23b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13984", "type": "seen", "source": "https://t.me/cibsecurity/20621", "content": "\u203c CVE-2020-13984 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:20.000000Z"}, {"uuid": "829665eb-252b-4301-b773-04f143ea9c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13986", "type": "seen", "source": "https://t.me/cibsecurity/20619", "content": "\u203c CVE-2020-13986 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:25:18.000000Z"}, {"uuid": "e8fc3e66-e0fd-47d6-8e16-4c3799d513ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13987", "type": "seen", "source": "https://t.me/cibsecurity/20605", "content": "\u203c CVE-2020-13987 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:05:16.000000Z"}, {"uuid": "09da27f7-cf5a-4252-9591-b360afbf1e38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13985", "type": "seen", "source": "https://t.me/cibsecurity/20603", "content": "\u203c CVE-2020-13985 \u203c\n\nAn issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:05:14.000000Z"}, {"uuid": "839aa41e-3edd-410f-98ba-4a044fe7abf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13988", "type": "seen", "source": "https://t.me/cibsecurity/20602", "content": "\u203c CVE-2020-13988 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:05:13.000000Z"}, {"uuid": "a1ca07d9-5b69-4084-89c6-25763e2c1ff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13984", "type": "seen", "source": "https://t.me/cibsecurity/20601", "content": "\u203c CVE-2020-13984 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:05:12.000000Z"}, {"uuid": "d90d7445-8913-495c-a3e8-5686f509fcee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13986", "type": "seen", "source": "https://t.me/cibsecurity/20599", "content": "\u203c CVE-2020-13986 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T01:05:10.000000Z"}, {"uuid": "13c2e963-dd81-442e-aed1-78786c813885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13985", "type": "seen", "source": "https://t.me/cibsecurity/20564", "content": "\u203c CVE-2020-13985 \u203c\n\nAn issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:36:06.000000Z"}, {"uuid": "6f1f1d20-137f-44d8-8c2b-7e6fb6842d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13988", "type": "seen", "source": "https://t.me/cibsecurity/20563", "content": "\u203c CVE-2020-13988 \u203c\n\nAn issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:36:05.000000Z"}, {"uuid": "ce7f70ba-49cd-4181-b903-f70d101dcec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13986", "type": "seen", "source": "https://t.me/cibsecurity/20560", "content": "\u203c CVE-2020-13986 \u203c\n\nAn issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-12T00:36:02.000000Z"}]}