{"vulnerability": "CVE-2020-17386", "sightings": [{"uuid": "500968b9-13c4-42b5-9512-7559c359799a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17386", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15497", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-17386\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Cellopoint CelloOS v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system.\n\ud83d\udccf Published: 2020-08-25T07:35:18.925467Z\n\ud83d\udccf Modified: 2025-05-08T09:15:14.444Z\n\ud83d\udd17 References:\n1. https://www.twcert.org.tw/tw/cp-132-3847-c62ca-1.html", "creation_timestamp": "2025-05-08T09:23:38.000000Z"}]}