{"uuid": "881e37cb-c40c-44c4-b3d8-0fc5a835a31e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-12695", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1238", "content": "#exploit\n1. CVE-2020-13777:\nGnuTLS 3.6.4 - 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2 + auth bypass in TLS 1.3), allowing MITM\nhttps://gitlab.com/gnutls/gnutls/-/issues/1011\n\n2. CVE-2020-12695\n(\"CallStranger\" UPNP Vuln):\nData Exfiltration/Reflected Amplified TCP DDoS/Port Scan via UPnP Subscribe Callback\nhttps://callstranger.com\n]-> PoC: https://github.com/yunuscadirci/CallStranger", "creation_timestamp": "2024-10-28T14:57:41.000000Z"}