BlackNet Analysis

Activities

Timeline

Analyzing the timeline helps to identify the approach required for handling single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 20
ru: 1
zh: 1

Country

us: 11
nl: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | Mods for HESK Time-Based sql injection | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2020-13993 |
| 3 | Linux Kernel hid-elo.c hid_parse memory leak | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-27950 |
| 4 | Linux Kernel load_elf_binary memory corruption | 8.3 | 7.5 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2017-1000253 |
| 5 | Corero SecureWatch Managed Services HTTP API Endpoint get_snapshot path traversal | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2021-38136 |
| 6 | Post Grid Plugin Slider Import Search cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-24488 |
| 7 | IBM i2 Analyze information exposure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-29784 |
| 8 | Apple watchOS WebKit use after free | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-30795 |
| 9 | Lesterchan wp-postratings wp-postratings.php code injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2011-4646 |
| 10 | phpList Bounce Rules cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2020-36399 |
| 11 | Comersus Open Technologies Comersus Cart comersus_optreviewreadexec.asp sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.06 | CVE-2007-3323 |
| 12 | phpwcms setup.php code injection | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | CVE-2020-21784 |
| 13 | Paid Memberships Pro sql injection | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-20678 |
| 14 | GENIVI dlt-daemon Config File denial of service | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2021-29507 |
| 15 | ampleShop category.cfm sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.04 | CVE-2006-2038 |
| 16 | MidiCart PHP Shopping Cart item_show.php sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | |
| 17 | SialWeb CMS about.php sql injection | 6.3 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | |
| 18 | Dream4 Koobi CMS index.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2005-1373 |
| 19 | BitDefender BOX 2 Bootstrap get_image_url os command injection | 7.7 | 7.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2019-17096 |
| 20 | SMC D3G0804W WiFi Network Configuration Page cross site scripting | 4.1 | 4.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | CVE-2020-7249 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (18)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

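| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/about.php` | predictive | Medium |
| 2 | File | `/it-IT/splunkd/__raw/services/get_snapshot` | predictive | High |
| 3 | File | `/phpwcms/setup/setup.php` | predictive | High |
| 4 | File | `xxxxxxxx.xxx` | predictive | Medium |
| 5 | File | `xxxxxxxx_xxxxxxxxxxxxxxxxx.xxx` | predictive | High |
| 6 | File | `xxxx/xxxxxxxxxxxxxxx.xxx` | predictive | High |
| 7 | File | `xxxxxxx/xxx/xxx-xxx.x` | predictive | High |
| 8 | File | `xxxxx.xxx` | predictive | Medium |
| 9 | File | `xxxx_xxxx.xxx` | predictive | High |
| 10 | File | `xx-xxxxxxxxxxx.xxx` | predictive | High |
| 11 | Argument | `xxx` | predictive | Low |
| 12 | Argument | `xxxx_xx` | predictive | Low |
| 13 | Argument | `xx` | predictive | Low |
| 14 | Argument | `xxxxxxxxx` | predictive | Medium |
| 15 | Argument | `xxxxx` | predictive | Low |
| 16 | Argument | `xxxx_xxxx` | predictive | Medium |
| 17 | Argument | `xxxx` | predictive | Low |
| 18 | Argument | `xxx` | predictive | Low |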

References (2)

The following list contains external sources which discuss the actor and the associated activities:
