{"vulnerability": "CVE-2020-9273", "sightings": [{"uuid": "cf0d3ad0-082c-4fd9-a93b-fecbd64dd1f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "seen", "source": "MISP/fbcbe927-bdaa-4c83-a4ad-f40a6c4ccc5e", "content": "", "creation_timestamp": "2024-11-14T06:10:06.000000Z"}, {"uuid": "920b6a71-8b0c-47fa-9351-a42bcd701c4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:01.000000Z"}, {"uuid": "b60ace66-5c4f-41e2-89d7-7bcc49dc2199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "published-proof-of-concept", "source": "Telegram/EshvxTBzDj9BA-rtoAPVbndHWSd4zkw70GiVoN_Cz-Z94Wo", "content": "", "creation_timestamp": "2021-08-10T17:45:17.000000Z"}, {"uuid": "e3e20f30-05cb-4688-b84c-53d8c867d1f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/4046", "content": "#exploit\n1. EasyAntiCheat Exploit to inject unsigned code into protected processes\nhttps://back.engineering/10/08/2021\n\n2. CVE-2020-9273:\nHaving fun with a UaF in ProFTPd\nhttps://adepts.of0x.cc/proftpd-cve-2020-9273-exploit", "creation_timestamp": "2024-10-10T18:35:36.000000Z"}, {"uuid": "7a5433fc-1145-4689-92a6-a8121b0d6b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "published-proof-of-concept", "source": "Telegram/HlbPW8q7lgv94yZ0W_SMAD0L5rTaCr8IKJUVUzVvqK9q9w", "content": "", "creation_timestamp": "2025-08-19T21:57:45.000000Z"}, {"uuid": "2885bfe9-e654-4ec2-b7f8-98205123e0b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "seen", "source": "https://t.me/arpsyndicate/884", "content": "#ExploitObserverAlert\n\nCVE-2020-9273\n\nDESCRIPTION: Exploit Observer has 21 entries related to CVE-2020-9273. In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in alloc_pool in pool.c, and possible remote code execution.\n\nFIRST-EPSS: 0.070130000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2023-12-02T02:53:38.000000Z"}, {"uuid": "8fae5d2c-486b-4695-a315-6db7cf6e14a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "published-proof-of-concept", "source": "Telegram/ex1icFgYY1wAJffpbNQGeJHPL6v8pdEtvVfgjvAAj0479w", "content": "", "creation_timestamp": "2025-08-19T21:57:44.000000Z"}, {"uuid": "9e4b3ebb-7ce3-43d7-82da-5d94e9436716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5837", "content": "\ud83d\udcda Phrack is written by hackers, for hackers!\n\n\u2022  \u0421\u0435\u0433\u043e\u0434\u043d\u044f \u0432\u044b\u0448\u0435\u043b \u043d\u043e\u0432\u044b\u0439 \u0432\u044b\u043f\u0443\u0441\u043a \u043b\u0435\u0433\u0435\u043d\u0434\u0430\u0440\u043d\u043e\u0433\u043e \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0436\u0443\u0440\u043d\u0430\u043b\u0430 Phrack, \u0432 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e 15 \u043d\u043e\u0432\u044b\u0439 \u0441\u0442\u0430\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b \u043e \u0432\u0437\u043b\u043e\u043c\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u0438\u0437 \u0443\u0447\u0430\u0441\u0442\u043d\u0438\u043a\u043e\u0432 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u044b Kimsuky. \n\n\u2022  \u041a\u0441\u0442\u0430\u0442\u0438, \u0432 \u044d\u0442\u043e\u043c \u0433\u043e\u0434\u0443 Phrack \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u0442\u0441\u044f 40 \u043b\u0435\u0442. \u041e\u0447\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0434\u0430\u0442\u0430, \u043d\u043e \u043e\u043b\u0434\u0441\u043a\u0443\u043b \u0435\u0449\u0435 \u0436\u0438\u0432 \u0438 \u043d\u0435 \u043f\u0435\u0440\u0435\u0441\u0442\u0430\u0435\u0442 \u0443\u0434\u0438\u0432\u043b\u044f\u0442\u044c \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u043c \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u043e\u043c:\n\n\u27a1The Art of PHP - My CTF Journey and Untold Stories!\n\u27a1Guarding the PHP Temple;\n\u27a1APT Down - The North Korea Files;\n\u27a1A learning approach on exploiting CVE-2020-9273;\n\u27a1Mapping IOKit Methods Exposed to User Space on macOS;\n\u27a1Popping an alert from a sandboxed WebAssembly module;\n\u27a1Desync the Planet - Rsync RCE;\n\u27a1Quantom ROP;\n\u27a1Revisiting Similarities of Android Apps;\n\u27a1Money for Nothing, Chips for Free;\n\u27a1E0 - Selective Symbolic Instrumentation;\n\u27a1Roadside to Everyone;\n\u27a1A CPU Backdoor;\n\u27a1The Feed Is Ours;\n\u27a1The Hacker's Renaissance - A Manifesto Reborn.\n\n\u27a1 https://phrack.org/issues/72/1\n\n#Ezine #Phrack", "creation_timestamp": "2025-08-19T19:27:59.000000Z"}, {"uuid": "bcdd50b9-1d3b-4e6d-8846-cf4fc670fcb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-9273", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/611", "content": "#exploit\n1. CVE-2020-7471:\nDjango 1.11 - 1.11.28, 2.2 - 2.2.10, 3.0 - 3.0.3 StringAgg SQL Injection\nhttps://github.com/secoba/DjVul_StringAgg \n\n2. CVE-2020-8417:\nCode Snippets plugin &lt;2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu\nhttps://github.com/vulncrate/wp-codesnippets-cve-2020-8417\nhttps://github.com/Vulnmachines/WordPress_CVE-2020-8417 \n\n3. CVE-2020-9273:\nIn ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel\nhttps://github.com/ptef/CVE-2020-9273", "creation_timestamp": "2024-03-13T13:46:38.000000Z"}]}