{"vulnerability": "cve-2020-2673", "sightings": [{"uuid": "f42d4aab-36c2-4e33-9070-338c74920e1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26733", "type": "seen", "source": "https://t.me/cibsecurity/22169", "content": "\u203c CVE-2020-26733 \u203c\n\nCross Site Scripting (XSS) in Configuration page in SKYWORTH GN542VF Hardware Version 2.0 and Software Version 2.0.0.16 allows authenticated attacker to inject their own script into the page via DDNS Configuration Section.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:53.000000Z"}, {"uuid": "2d61578b-279d-4571-beb1-5fd1ac74865b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-26732", "type": "seen", "source": "https://t.me/cibsecurity/22171", "content": "\u203c CVE-2020-26732 \u203c\n\nSkyworth GN542VF Boa version 0.94.13 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-14T18:49:54.000000Z"}]}