{"vulnerability": "cve-2020-2037", "sightings": [{"uuid": "a9a20dc0-3542-42e1-8d6d-e4d749e99966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-2037", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2687", "content": "#Threat_Research\n1. Root cause analysis and PoC for a MS SQL Server 2014/2016/2017 Stack Overflow Vulnerability (CVE-2019-1068) by reversing svl.dll\nhttps://0xsaiyajin.github.io/vulnerability-research/2021/02/06/discovering-an-undisclosed-stack-overflow-vulnerability-in-mssql-server-cve-2019-1068.html\n2. Analysis of CVE-2021-1722 - Windows Fax Service RCE Vulnerability\nhttps://streetfight.medium.com/analysis-of-cve-2021-1722-684d61a20041\n3. Swarm of Palo Alto PAN-OS vulnerabilities (PoCs):\n- arbitrary OS command execution by an authorized user (CVE-2020-2037/CVE-2020-2038)\n- DoS by an unauthorized user\u00a0(CVE-2020-2039)\n- reflected XSS\u00a0(CVE-2020-2036)\nhttps://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities", "creation_timestamp": "2021-02-12T12:57:54.000000Z"}, {"uuid": "54b49457-c67f-408f-8066-a2887c4e504f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-2037", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2708", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 8-14)\nCVE-2020-1472 - Microsoft Zerologon\nhttps://t.me/cybersecuritytechnologies/1742\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-1732 - Windows kernel 0-day exploit is used by BITTER APT in targeted attack\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2020-2037 - Palo Alto PAN-OS vulnerability\nhttps://t.me/cybersecuritytechnologies/2687\nCVE-2021-24074, CVE-2021-24086, CVE-2021-24094 - Windows IPv4/IPv6 Stack RCE/DoS Vulnerabilities\nhttps://unit42.paloaltonetworks.com/cve-2021-24074-patch-tuesday\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE vulnerability\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-21017 - Acrobat Reader DC\u00a0a heap-based buffer overflow vulnerability\nhttps://threatpost.com/critical-adobe-windows-flaw/163789\nCVE-2020-24581 - D-Link DSL-2888A AU_2.31_V1x - RCE\nhttps://t.me/cybersecuritytechnologies/2670", "creation_timestamp": "2021-02-15T11:00:19.000000Z"}]}