{"vulnerability": "CVE-2020-2654", "sightings": [{"uuid": "f8c4c3a1-dedd-4b01-bdd1-620df6ff4a75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26549", "type": "seen", "source": "https://t.me/cibsecurity/17366", "content": "\u203c CVE-2020-26549 \u203c\n\nAn issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-09T04:25:31.000000Z"}, {"uuid": "ec7d0270-df68-4856-a13a-7f7abbde5e9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26542", "type": "seen", "source": "https://t.me/cibsecurity/16049", "content": "\u203c CVE-2020-26542 \u203c\n\nAn issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server. When used to authenticate against Microsoft Active Directory, it suffers from an authentication validation issue whereby a blank password can be used to authenticate with the service successfully.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-09T22:55:39.000000Z"}, {"uuid": "56a94b73-480e-4c19-8533-8acda851d8e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26546", "type": "seen", "source": "https://t.me/cibsecurity/15216", "content": "\u203c CVE-2020-26546 \u203c\n\n** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1.0.2. The feature to auto-login a user, via the RememberMe functionality, is prone to SQL injection. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-12T22:37:50.000000Z"}, {"uuid": "a206b8fd-b0b8-4514-a4cc-85664374a9a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26548", "type": "seen", "source": "https://t.me/cibsecurity/16489", "content": "\u203c CVE-2020-26548 \u203c\n\nAn issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-18T00:39:37.000000Z"}, {"uuid": "4ac815e5-d940-4a4c-804a-b39288813240", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26549", "type": "seen", "source": "https://t.me/cibsecurity/16482", "content": "\u203c CVE-2020-26549 \u203c\n\nAn issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-18T00:39:29.000000Z"}]}