Sogu Analysis

IOB - Indicator of Behavior (103)

Language

en: 54
zh: 50

Country / Region

cn: 94
us: 10

Product

WordPress: 6
SourceCodester Free Hospital Management System for ...: 4
Google Android: 4
Zen Cart: 4
Oracle MySQL Server: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | SourceCodester Doctors Appointment System login.php SQL injection | 7.4 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00064 | 0.07 | CVE-2023-4219 |
| 2 | IBM Security Guardium Request privilege escalation | 9.2 | 9.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00066 | 0.00 | CVE-2023-35893 |
| 3 | Piwigo pwg.users.php SQL injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00088 | 0.03 | CVE-2022-26266 |
| 4 | Pluck Theme Upload privilege escalation | 4.7 | 4.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02893 | 0.07 | CVE-2022-26965 |
| 5 | Apache Struts ParameterInterceptor unknown vulnerability | 5.3 | 5.3 | $5k-$25k | $0-$5k | High | Not Defined | 0.08484 | 0.00 | CVE-2010-1870 |
| 6 | Synacor Zimbra Collaboration Memcache Command privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.09665 | 0.03 | CVE-2022-27924 |
| 7 | AfterLogic Aurora/WebMail Pro DAV DAVServer.php directory traversal | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00290 | 0.03 | CVE-2021-26293 |
| 8 | Artifex MuJS memory corruption | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00221 | 0.00 | CVE-2021-45005 |
| 9 | tough-cookie Cookies Remote Code Execution | 7.9 | 7.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00108 | 0.03 | CVE-2023-26136 |
| 10 | Pligg cloud.php SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 3.51 | |
| 11 | SourceCodester Free Hospital Management System for Small Practices appointment.php SQL injection | 7.5 | 7.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00170 | 0.00 | CVE-2023-4440 |
| 12 | SourceCodester Free Hospital Management System for Small Practices appointment.php SQL injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00090 | 0.07 | CVE-2023-4441 |
| 13 | PrestaShop SQL injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.83896 | 0.00 | CVE-2021-3110 |
| 14 | Sentry Invite Link privilege escalation | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00070 | 0.06 | CVE-2022-23485 |
| 15 | Pydio Cells privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00063 | 0.00 | CVE-2021-41325 |
| 16 | Pydio Cells Parameter directory traversal | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00117 | 0.00 | CVE-2021-41323 |
| 17 | Hikvision Hybrid SAN Messages privilege escalation | 8.2 | 8.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00202 | 0.04 | CVE-2023-28808 |
| 18 | Red Hat redhat-sso-7 passwd privilege escalation | 6.3 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00044 | 0.00 | CVE-2020-10695 |
| 19 | ExpressionEngine Control Panel Member Creation SQL injection | 4.7 | 4.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00087 | 0.00 | CVE-2020-8242 |
| 20 | ThinkCMF addpost.html privilege escalation | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00272 | 0.00 | CVE-2019-7580 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

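| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 43.254.217.165 | | Sogu | | 2023-07-13 | verified | |
| 2 | XX.XXX.XXX.XXX | | Xxxx | | 2023-07-13 | verified | |
| 3 | XX.XXX.XXX.XX | | Xxxx | | 2023-07-13 | verified | |
| 4 | XXX.XX.XX.XX | xxx.xx.xx.xx.xxxxxx.xxxx.xxx | Xxxx | | 2023-07-13 | verified | |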

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (46)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

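| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/admin.php?action=themeinstall` | predictive | |
| 2 | File | `/admin/ajax/avatar.php` | predictive | |
| 3 | File | `/admin/users.php?source=edit_user&id=1` | predictive | |
| 4 | File | `/etc/passwd` | predictive | |
| 5 | File | `/htmlcode/html/indexdefault.asp` | predictive | |
| 6 | File | `/include/config.cache.php` | predictive | |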
| 45 | Input Value | `..` | predictive | |
| 46 | Input Value | `../` | predictive | |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
