{"vulnerability": "CVE-2020-2536", "sightings": [{"uuid": "5afd2984-36fb-4026-83f4-5e583dc44f50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25367", "type": "seen", "source": "https://t.me/cibsecurity/31801", "content": "\u203c CVE-2020-25367 \u203c\n\nA command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the Captcha field to Login.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-04T13:24:40.000000Z"}, {"uuid": "2b52793b-68ca-403b-b064-759f7635fc06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25368", "type": "seen", "source": "https://t.me/cibsecurity/31800", "content": "\u203c CVE-2020-25368 \u203c\n\nA command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices with firmware V1.0.2B05. An attacker is able to execute arbitrary web scripts via shell metacharacters in the PrivateLogin field to Login.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-04T13:24:38.000000Z"}, {"uuid": "3c2cbf24-b395-496f-abc7-5d57be736666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25366", "type": "seen", "source": "https://t.me/cibsecurity/31804", "content": "\u203c CVE-2020-25366 \u203c\n\nAn issue in the component /cgi-bin/upload_firmware.cgi of D-Link DIR-823G REVA1 1.02B05 allows attackers to cause a denial of service (DoS) via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-04T13:24:42.000000Z"}]}