{"vulnerability": "CVE-2020-3548", "sightings": [{"uuid": "7ef56d2c-8217-41f1-b536-c6494c9bbe6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3548", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113504847474238833", "content": "", "creation_timestamp": "2024-11-18T16:15:25.607193Z"}, {"uuid": "7c70bd66-4349-4137-a853-e228681aacff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "seen", "source": "https://t.me/arm1tage/296", "content": "\u0423\u042f\u0417\u0412\u0418\u041c\u041e\u0421\u0422\u042c, \u041a\u041e\u0422\u041e\u0420\u0410\u042f \u0417\u0410\u0421\u0422\u0410\u0412\u0418\u041b\u0410 \u0410\u0412\u0422\u041e\u0420\u0410 \u041e\u0411\u041e\u0421\u0420\u0410\u0422\u042c\u0421\u042f\n\n\u0417\u043d\u0430\u043a\u043e\u043c\u044c\u0442\u0435\u0441\u044c, CVE-2020-35489, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 Contact Form 7 \u0432 WordPress \u0432\u0435\u0440\u0441\u0438\u0438 \u0440\u0430\u043d\u044c\u0448\u0435 5.3.2 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u0430\u043b\u0438\u0442\u044c \u0448\u0435\u043b\u043b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u0445\u043e\u0434\u0430 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u044f \u0444\u0430\u0439\u043b\u0430 \u0438 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043d\u0435\u043c\u0443 \u0447\u0435\u0440\u0435\u0437 \u043f\u0430\u043f\u043a\u0443 wp-content/uploads... \u0421\u043a\u0440\u0438\u043f\u0442-\u043a\u0438\u0434\u0434\u0438 \u0430\u0432\u0442\u043e\u0440, \u0440\u0430\u0434\u0443\u044f\u0441\u044c \u0437\u0430\u043b\u0438\u0442\u043e\u043c\u0443 \u043d\u0430 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441 \u0448\u0435\u043b\u043b\u0443, \u0442\u0443\u0442 \u0436\u0435 \u043f\u043e\u0437\u043d\u0430\u043b \u0433\u043e\u0440\u0435\u0447\u044c \u043f\u043e\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e \u0442\u0443\u043f\u043e \u043d\u0435 \u0441\u043c\u043e\u0433 \u043d\u0430\u0439\u0442\u0438 \u043a\u0443\u0434\u0430 \u0437\u0430\u043b\u0438\u043b\u0441\u044f \u044d\u0442\u043e\u0442 \u0444\u0430\u0439\u043b\ud83e\udd13\n\n\u0421\u0442\u0430\u0442\u044c\u044f\n\n\n#cve #wordpress", "creation_timestamp": "2022-08-23T16:59:41.000000Z"}, {"uuid": "1b89f4dc-ea20-4f3a-81ec-1a51b1ee4a8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8677", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aPOC for RCE with CVE-2020-35489\nURL\uff1ahttps://github.com/aitech66/poc-CVE-2020-35489\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-04T20:11:39.000000Z"}, {"uuid": "42648b78-bc70-435a-aad6-fb9866145523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/3505", "content": "- WP CVE-2020-35489 Checker\n+ Google Dork : inurl:/wp-content/plugins/contact-form-7/\n\nShare for everybody \nDownload \nhttps://github.com/reneoliveirajr/wp_CVE-2020-35489_", "creation_timestamp": "2024-07-12T10:38:05.000000Z"}, {"uuid": "7c8cdffc-d4a5-4f0c-8d20-275bb555ccd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "published-proof-of-concept", "source": "Telegram/PQfK35LzGlTqCn-1qhL2xtMgvwpuI0Nru-tsM7f5ymd2", "content": "", "creation_timestamp": "2024-07-21T20:59:16.000000Z"}, {"uuid": "815151ec-95ab-4f60-a16b-3ec0d05aaeb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "published-proof-of-concept", "source": "https://t.me/hitshare/2343", "content": "- WP CVE-2020-35489 Checker\n+ Google Dork : inurl:/wp-content/plugins/contact-form-7/\n\nShare for everybody \nDownload \nhttps://github.com/reneoliveirajr/wp_CVE-2020-35489_checker\n\nChannel @StableExploitvv\nShare & Support Us", "creation_timestamp": "2024-07-12T17:13:04.000000Z"}, {"uuid": "c3b9872b-fb63-46b8-905e-5975c88c2cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "seen", "source": "Telegram/O8RJaZzuBZKodTP5o0k24qkcoG7b-8TflqJotgjjX4AbLmhC", "content": "", "creation_timestamp": "2024-09-18T23:44:37.000000Z"}, {"uuid": "c23cd565-528f-4055-8765-909c2da94324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3076", "content": "Tools - Hackers Factory \n\nCVE-2023-33733\n\nThis write-up details how an RCE in Reportlab - was found and exploited. Due to the prevalence of Reportlab in HTML to PDF processing, this vulnerability may be reachable in many applications that process PDF files, making this an important one to patch and look out for.\n\nhttps://github.com/c53elyas/CVE-2023-33733\n\n#cve #cybersecurity #infosec\n\nLoki\n\nA Little Web Honeypot.\n\nhttps://github.com/TheKingOfDuck/Loki\n\n#cybersecurity #infosec\n\nPyrai - Mirai python variant\n\nThis is a working variant of the Mirai IOT botnet, this is fully written in Python3. In this paper I'm going to show you how to configure each script in order to setup your PyRai.\n\nhttps://github.com/readloud/PyRai\n\n#cybersecurity #infosec #redteam\n\nCVE-2023-33781\n\nD-Link DIR-842V2 v1.0.3 was discovered to allow a user to run an arbitrary binary when connecting to telnet. This vulnerability can be triggered using backup/restore functionality.\n\nhttps://github.com/s0tr/CVE-2023-33781\n\n#cve #cybersecurity #infosec\n\nCVE-2023-33782\n\nD-Link DIR-842V2 v1.0.3 was discovered to contain a command injection vulnerability in the iperf3 diagnostics functionality.\n\nhttps://github.com/s0tr/CVE-2023-33782\n\n#cve #cybersecurity #infosec\n\nHackBrowserData \n\nCommand-line tool for decrypting and exporting browser data ( passwords, history, cookies, bookmarks, credit cards, download records, localStorage and extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux.\n\nhttps://github.com/moonD4rk/HackBrowserData\n\n#infosec #pentesting #redteam\n\nVMClarity \n\nOpen source tool for agentless detection and management of Virtual Machine Software Bill Of Materials (SBOM) and security threats such as vulnerabilities, exploits, malware, rootkits, misconfigurations and leaked secrets.\n\nhttps://github.com/openclarity/vmclarity\n\n#cybersecurity #infosec #pentesting\n\nCVE-2023-33246 \n\nRocketMQ Remote Code Execution #Exploit.\n\nhttps://github.com/Malayke/CVE-2023-33246_RocketMQ_RCE_EXPLOIT\n\n#cve #cybersecurity #infosec\n\n2023-33381\n\nOS command injection on MitraStar GPT-2741GNAC.\n\nhttps://github.com/duality084/CVE-2023-33381-MitraStar-GPT-2741GNAC\n\n#cve #cybersecurity #infosec\n\nEyeballer\n\nEyeballer is meant for large-scope network penetration tests where you need to find \"interesting\" targets from a huge set of web-based hosts. Go ahead and use your favorite screenshotting tool like normal (EyeWitness or GoWitness) and then run them through Eyeballer to tell you what's likely to contain vulnerabilities, and what isn't.\n\nhttps://github.com/BishopFox/eyeballer\n\n#cybersecurity #infosec #pentesting\n\nMultichain Auditor\n\nObservations and tips for auditing protocols on multiple chains \ud83e\uddd0\n\nhttps://github.com/0xJuancito/multichain-auditor\n\n#cybersecurity #infosec\n\nCoraza - Web Application Firewall\n\nCoraza is an open source, enterprise-grade, high performance Web Application Firewall (WAF) ready to protect your beloved applications. It written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set.\n\nhttps://github.com/corazawaf/coraza\n\n#cybersecurity #infosec\n\nCVE-2020-35489\n\nCVE-2020-35489 Vulnerability Scanner in #Wordpress Websites.\n\nhttps://github.com/reneoliveirajr/wp_CVE-2020-35489_checker\n\n#cybersecurity #infosec\n\nRegStrike\n\nA .reg payload generator.\n\nhttps://github.com/itaymigdal/RegStrike\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-05T06:48:53.000000Z"}, {"uuid": "65601431-cc53-4eee-8611-b8f0b9ae496e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "seen", "source": "Telegram/S9OVQYfdNz0Aup1BmMIRFsjuMIIVbtZ6CrSGV042i0CzBPw", "content": "", "creation_timestamp": "2024-03-07T19:15:55.000000Z"}, {"uuid": "1a99b175-eda6-43be-93ec-cd05d1e10c94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35488", "type": "seen", "source": "https://t.me/cibsecurity/21574", "content": "\u203c CVE-2020-35488 \u203c\n\nThe fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service (daemon crash) via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslog field. (For example, on Linux it is not possible to create a .. directory. On Windows, it is not possible to create a CON directory.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-05T19:25:20.000000Z"}, {"uuid": "06176858-21e2-436c-a079-a8aa641cb7e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35481", "type": "seen", "source": "https://t.me/cibsecurity/23011", "content": "\u203c CVE-2020-35481 \u203c\n\nSolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-03T18:49:16.000000Z"}, {"uuid": "cd41a36c-67bd-4dd2-be9e-bb34ed104907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "seen", "source": "Telegram/ByNbbDHZjaT1COluAalmuvxSwCeNvtmrdNcPTCLUkjjZc2iP", "content": "", "creation_timestamp": "2024-08-18T11:36:19.000000Z"}, {"uuid": "93f3127b-f6ca-48f4-883a-1a2bd8aa6d5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35480", "type": "seen", "source": "https://t.me/cibsecurity/21053", "content": "\u203c CVE-2020-35480 \u203c\n\nAn issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden due to being abusive, or similar) that the viewer cannot see are handled differently, exposing sensitive information about the hidden status to unprivileged viewers. This exists on various code paths.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-18T12:46:48.000000Z"}, {"uuid": "78fae6d2-efca-439f-82f6-25c14991b596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "seen", "source": "https://t.me/cibsecurity/21012", "content": "\u203c CVE-2020-35489 \u203c\n\nThe contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-17T22:42:57.000000Z"}, {"uuid": "cb70875b-76d9-4b4a-aac9-3d8018290b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35489", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8616", "content": "#tools\n#Blue_Team_Techniques\n1. Ruby script to check and detect the CVE-2023-24488 security vulnerability in Citrix Gateway/ADC\nhttps://github.com/Abo5/CVE-2023-24488\n2. KRSI (eBPF+LSM) based Linux security auditing tool\nhttps://github.com/mrtc0/bouheki\n3. WordPress Sites Vulnerability Checker for CVE-2020-35489\nhttps://github.com/reneoliveirajr/wp_CVE-2020-35489_checker", "creation_timestamp": "2023-07-05T15:02:28.000000Z"}]}