{"vulnerability": "cve-2020-2501", "sightings": [{"uuid": "da7b9002-fd40-43eb-b1b6-172be0e58d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2501", "type": "seen", "source": "MISP/c0e3e79a-4d95-416e-a3df-3255c53a9eb5", "content": "", "creation_timestamp": "2024-11-14T06:09:52.000000Z"}, {"uuid": "19dd4a82-ac9b-4703-892b-7754284ccd3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2501", "type": "seen", "source": "https://t.me/cibsecurity/23700", "content": "\u203c CVE-2020-2501 \u203c\n\nA stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS) Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-17T07:48:29.000000Z"}, {"uuid": "06a9221a-e903-4733-a096-0ea0f0b4374c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25015", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2070", "content": "CVE-2020-25015:\nGenexis Platinum 4410 v2.1 (software version P4410-V2-1.28) - Broken Access Control and CSRF (PoC)\nhttps://www.exploit-db.com/exploits/49000", "creation_timestamp": "2020-11-09T23:40:01.000000Z"}, {"uuid": "f005e4e7-8b07-45d6-8e40-08633bff72fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25010", "type": "seen", "source": "https://t.me/cibsecurity/20983", "content": "\u203c CVE-2020-25010 \u203c\n\nAn arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an instruction to write a file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-17T07:42:33.000000Z"}, {"uuid": "7eb524ed-50ae-424d-b459-5686786205d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25011", "type": "seen", "source": "https://t.me/cibsecurity/20976", "content": "\u203c CVE-2020-25011 \u203c\n\nA sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-17T07:42:26.000000Z"}, {"uuid": "b384617f-72e8-4aba-be6f-11d4482cf52d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25014", "type": "seen", "source": "https://t.me/cibsecurity/17442", "content": "\u203c CVE-2020-25014 \u203c\n\nA stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T07:32:07.000000Z"}, {"uuid": "84761261-7aac-4d1a-a456-95946b9f1d6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25014", "type": "seen", "source": "https://t.me/cibsecurity/16897", "content": "\u203c CVE-2020-25014 \u203c\n\nA stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-27T20:50:17.000000Z"}, {"uuid": "89a54157-caf4-4e9f-bd57-24705dd5afa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-25013", "type": "seen", "source": "https://t.me/cibsecurity/16358", "content": "\u203c CVE-2020-25013 \u203c\n\nJetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-16T18:37:45.000000Z"}]}