{"vulnerability": "CVE-2020-1534", "sightings": [{"uuid": "badb2581-4dca-4216-a246-f123af387eb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15342", "type": "seen", "source": "https://t.me/cibsecurity/50700", "content": "\u203c CVE-2020-15342 \u203c\n\nZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T07:50:50.000000Z"}, {"uuid": "f208c95b-01d6-4ab6-b074-b42d4afd4123", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15347", "type": "seen", "source": "https://t.me/cibsecurity/50688", "content": "\u203c CVE-2020-15347 \u203c\n\nZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T07:47:59.000000Z"}, {"uuid": "d542c825-f381-4f85-8532-b1119da167f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15346", "type": "seen", "source": "https://t.me/cibsecurity/50683", "content": "\u203c CVE-2020-15346 \u203c\n\nZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T07:47:51.000000Z"}, {"uuid": "932eaa74-bb13-4643-95aa-67b4420b689b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15343", "type": "seen", "source": "https://t.me/cibsecurity/50692", "content": "\u203c CVE-2020-15343 \u203c\n\nZyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T07:48:04.000000Z"}, {"uuid": "dc14fdd5-914f-4329-ab86-2bffb2b025f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15349", "type": "seen", "source": "https://t.me/cibsecurity/16415", "content": "\u203c CVE-2020-15349 \u203c\n\nBinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-17T07:38:19.000000Z"}, {"uuid": "8398444f-1366-4f7f-b875-2acab422e084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-15349", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2095", "content": "#exploit\n1. CVE-2020-13958:\nApache OpenOffice 4 <=4.1.7 - RCE\nhttps://github.com/irsl/apache-openoffice-rce-via-uno-links\n\n2. CVE-2020-15349, CVE-2020-27192:\nForklift <=3.3.9, <=3.4 - LPE on macOS\nhttps://insinuator.net/2020/11/forklift-lpe", "creation_timestamp": "2023-04-23T12:57:57.000000Z"}]}