{"uuid": "1d66513f-1e98-4686-bf5a-49cf91b9240e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2014-0346", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1902", "content": "#Analytics\nTop-10 exploited vulnerabilities in January-July 2020:\n1. MVPower DVR Remote Code Execution*\n2. Dasan GPON Router Authentication Bypass (CVE-2018-10561)*\n3. OpenSSL TLS DTLS Heartbeat Information Disclosure (CVE-2014-0160; CVE-2014-0346)\u00a0\n4. HTTP Headers Remote Code Execution (CVE-2020-13756)*\n5. Arbitrary code execution vulnerability in Citrix VPN (CVE-2019-19781)*\n6. Draytek Vigor Command Injection (CVE-2020-8515)*\n7. Command Injection Over HTTP Payload\n8. SQL Injection (several techniques)\n9. RCE on MS Exchange Server (CVE-2020-0688)*\n10. Web Server Exposed Git Repository Information Disclosure\n\n* - Description/PoC available on Cybersecurity Technologies channel ...", "creation_timestamp": "2020-12-18T17:23:40.000000Z"}