{"vulnerability": "CVE-2020-2901", "sightings": [{"uuid": "789c6fbe-2d43-48ad-9aee-8ce4c4fa8801", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29015", "type": "seen", "source": "MISP/4acf1d49-6b23-4d04-9888-244468b25710", "content": "", "creation_timestamp": "2024-11-14T06:09:42.000000Z"}, {"uuid": "31d52353-dc2e-4c98-b581-769b0042c5b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29010", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7766", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2020-29010\n\ud83d\udd25 CVSS Score: 4.9 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N/E:F/RL:X/RC:X)\n\ud83d\udd39 Description: An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS version 6.2.4 and below, version 6.0.10 and belowmay allow remote authenticated actors to read the SSL VPN events log entries of users in other VDOMs by  executing \"get vpn ssl monitor\" from the CLI. The sensitive data includes usernames, user groups, and IP address.\n\ud83d\udccf Published: 2025-03-17T13:06:16.993Z\n\ud83d\udccf Modified: 2025-03-17T13:32:38.996Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-20-103", "creation_timestamp": "2025-03-17T13:46:58.000000Z"}, {"uuid": "6a151bd4-8c11-4208-b5e5-3ca8711021dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29013", "type": "seen", "source": "https://t.me/cibsecurity/40226", "content": "\u203c CVE-2020-29013 \u203c\n\nAn improper input validation vulnerability in the sniffer interface of FortiSandbox before 3.2.2 may allow an authenticated attacker to silently halt the sniffer via specifically crafted requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-06T12:35:35.000000Z"}, {"uuid": "baffafb8-1e78-4371-a158-acb647515f56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29015", "type": "seen", "source": "https://t.me/ptswarm/43", "content": "Fortinet fixed a Post-Auth RCE in FortiWeb (CVE-2021-22123) found by our researcher Andrey Medov.\n\nThis vulnerability was part of an Unauth RCE chain submitted together with CVE-2020-29015 (Unauth SQL Injection), which was fixed by Fortinet earlier.\n\nAdvisory: https://www.fortiguard.com/psirt/FG-IR-20-120\n\nSubscribe to the PT SWARM Twitter to get updates about all of the latest vulnerabilities discovered by us.", "creation_timestamp": "2021-06-02T06:43:38.000000Z"}, {"uuid": "bc5a9a15-4caf-42b2-9894-79cb6d7634dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29011", "type": "seen", "source": "https://t.me/cibsecurity/26837", "content": "\u203c CVE-2020-29011 \u203c\n\nInstances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-04T21:23:51.000000Z"}, {"uuid": "628b0abd-ceed-4d64-b395-92a6a784e313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29015", "type": "seen", "source": "https://t.me/cibsecurity/22163", "content": "\u203c CVE-2020-29015 \u203c\n\nA blind SQL injection in the user interface of FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to execute arbitrary SQL queries or commands by sending a request with a crafted Authorization header containing a malicious SQL statement.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:45.000000Z"}, {"uuid": "80ab67c2-2b21-4e87-b9d9-3ad6064f021a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29016", "type": "seen", "source": "https://t.me/cibsecurity/22170", "content": "\u203c CVE-2020-29016 \u203c\n\nA stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.5 and version before 6.2.4 may allow an unauthenticated, remote attacker to overwrite the content of the stack and potentially execute arbitrary code by sending a crafted request with a large certname.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:53.000000Z"}, {"uuid": "d5684311-7a84-4754-acfe-77e02d67de4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29017", "type": "seen", "source": "https://t.me/cibsecurity/22164", "content": "\u203c CVE-2020-29017 \u203c\n\nAn OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:46.000000Z"}, {"uuid": "1c7bfa7f-b373-4b87-b3e5-c38c02ac9144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29018", "type": "seen", "source": "https://t.me/cibsecurity/22161", "content": "\u203c CVE-2020-29018 \u203c\n\nA format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:40.000000Z"}, {"uuid": "ff8f993c-3d99-45dd-ad1d-0bcb3aa6e7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29019", "type": "seen", "source": "https://t.me/cibsecurity/22160", "content": "\u203c CVE-2020-29019 \u203c\n\nA stack-based buffer overflow vulnerability in FortiWeb 6.3.0 through 6.3.7 and version before 6.2.4 may allow a remote, unauthenticated attacker to crash the httpd daemon thread by sending a request with a crafted cookie header.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:39.000000Z"}]}