BlankSlate Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues prioritized.

Lang

en: 28
de: 3

Country

us: 16
de: 2
gb: 1

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.20 | CVE-2010-0966 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 3 | Honda Civic keyfob Subsystem authentication replay | 1.8 | 1.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2021-46145 |
| 4 | Microsoft Access Access File memory corruption | 10.0 | 9.5 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2013-3156 |
| 5 | 123 Flash Chat Module 123flashchat.php code injection | 9.8 | 9.3 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.03 | CVE-2008-1989 |
| 6 | DZCP deV!L`z Clanportal browser.php information disclosure | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | CVE-2007-1167 |
| 7 | Serendipity exit.php privileges management | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | |
| 8 | LabF nfsAxe FTP Client memory corruption | 8.5 | 8.3 | $0-$5k | $0-$5k | High | Not Defined | 0.05 | CVE-2017-18047 |
| 9 | GitStack User input validation | 8.5 | 8.5 | $0-$5k | $0-$5k | High | Not Defined | 0.04 | CVE-2018-5955 |
| 10 | Dasan GPON ONT WiFi Router H640X login_action.cgi login_action memory corruption | 8.5 | 8.3 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.00 | CVE-2017-18046 |
| 11 | FasterXML jackson-databind Incomplete Fix deserialization | 7.7 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2018-5968 |
| 12 | CentOS Web Panel index.php cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2018-5961 |
| 13 | CentOS Web Panel phpini_editor Module index.php cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2018-5962 |
| 14 | OpenSSH sshd packet.c null pointer dereference | 6.4 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2016-10708 |
| 15 | Zenario organizer.php sql injection | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2018-5960 |
| 16 | Zillya! Antivirus Driver zef.sys input validation | 7.2 | 7.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2018-5958 |
| 17 | pfSense status_rrd_graph_img.php os command injection | 7.5 | 6.9 | $0-$5k | $0-$5k | High | Official Fix | 0.00 | CVE-2016-10709 |
| 18 | Zillya! Antivirus Driver zef.sys input validation | 7.2 | 7.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2018-5956 |
| 19 | HPE iLO 4 privileges management | 9.9 | 9.4 | $25k-$100k | $0-$5k | High | Official Fix | 0.05 | CVE-2017-12542 |
| 20 | WordPress Whitelist access control | 5.4 | 5.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2010-5293 |

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Confidence |
|---|---|---|---|---|
| 1 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | High |

IOA - Indicator of Attack (22)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /cgi-bin/login_action.cgi | High |
| 2 | File | 123flashchat.php | High |
| 3 | File | data/gbconfiguration.dat | High |
