AnyDesk Analysis

IOB - Indicator of Behavior (71)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 70
ru: 2

Product

Tenda AC10U: 6
Tracker Software PDF-XChange Editor: 4
Microsoft Windows: 4
TRENDnet TEW-815DAP: 2
Aerospike Java Client: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Tenda AC10U fromSetWirelessRepeat stack-based overflow | 6.4 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00110 | 0.05 | CVE-2024-0930 |
| 2 | WordPress Customizer path traversal | 7.0 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00301 | 0.04 | CVE-2017-14722 |
| 3 | Microsoft Windows COM+ Event System Service type confusion | 8.1 | 7.7 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00146 | 0.04 | CVE-2022-41033 |
| 4 | TRENDnet TEW-800MB POST Request os command injection | 7.2 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00115 | 0.00 | CVE-2024-0918 |
| 5 | openCryptoki RSA PKCS#1 v1.5 timing discrepancy | 4.8 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00096 | 0.07 | CVE-2024-0914 |
| 6 | WP ERP Plugin sql injection | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.00 | CVE-2024-0913 |
| 7 | Johnson Controls C-CURE 9000 log file | 3.1 | 3.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.06 | CVE-2024-0912 |
| 8 | TRENDnet TEW-815DAP POST Request do_setNTP command injection | 8.3 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00070 | 0.08 | CVE-2024-0919 |
| 9 | Tenda AC10U saveParentControlInfo stack-based overflow | 6.4 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00110 | 0.05 | CVE-2024-0931 |
| 10 | Tenda AC10U formSetDeviceName stack-based overflow | 6.4 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00110 | 0.05 | CVE-2024-0923 |
| 11 | D-Link DIR-816 A2 Web Interface setDeviceSettings os command injection | 6.4 | 6.3 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00128 | 0.06 | CVE-2024-0921 |
| 12 | Tenda AC10U formWifiWpsOOB stack-based overflow | 6.4 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00110 | 0.10 | CVE-2024-0926 |
| 13 | Tenda AC10U formQuickIndex stack-based overflow | 6.4 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00108 | 0.05 | CVE-2024-0922 |
| 14 | Microsoft Windows CSC Service heap-based overflow | 7.8 | 7.2 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00043 | 0.03 | CVE-2024-26229 |
| 15 | Linux Kernel amdkfd calculation | 6.6 | 6.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.04 | CVE-2024-41011 |
| 16 | laravel-s Laravel.php file inclusion | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00232 | 0.00 | CVE-2023-29931 |
| 17 | nasirkhan Laravel Starter Password Reset forgot-password observable response discrepancy | 4.2 | 4.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00052 | 0.03 | CVE-2024-6056 |
| 18 | B&R Industrial Automation Runtime System Diagnostics Manager cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00104 | 0.03 | CVE-2022-4286 |
| 19 | Synology VPN Plus Server Remote Desktop out-of-bounds write | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00109 | 0.05 | CVE-2022-43931 |
| 20 | GajShield Data Security Firewall firmware Web-based Management Interface hard-coded credentials | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00271 | 0.06 | CVE-2023-1778 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 52.89.196.49 | ec2-52-89-196-49.us-west-2.compute.amazonaws.com | AnyDesk | | 04/02/2024 | verified | High |
| 2 | XXX.XX.XXX.XXX | | Xxxxxxx | | 04/02/2024 | verified | Very High |
| 3 | XXX.XX.X.XXX | xxx.xxxxxxxxxxxxxxxxxxx.xxxx | Xxxxxxx | | 04/02/2024 | verified | Very High |

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (34)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.
