CryptoWire Analysis

IOB - Indicator of Behavior (23)

Lang

zh: 16
en: 8

Activities

Product

OPNsense: 4
Apache HTTP Server: 2
Freeware Advanced Audio Coder: 2
Discuz!: 2
Apple macOS: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | OPNsense Access Control access control | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00051 | 0.00 | CVE-2018-18958 |
| 2 | Grocy QR Code information disclosure | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.00 | CVE-2023-48199 |
| 3 | ESAFENET CDG ProtocolService.java delProtocol sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00164 | 0.09 | CVE-2024-10610 |
| 4 | itsourcecode Online Bookstore admin_add.php unrestricted upload | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 0.04 | CVE-2024-9036 |
| 5 | Rgboard bbs.lib.inc.php code injection | 7.3 | 6.6 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.00953 | 0.00 | CVE-2008-2296 |
| 6 | Apple macOS Kernel state issue | 5.4 | 5.3 | $5k-$25k | $0-$5k | High | Official Fix | 0.00378 | 0.03 | CVE-2023-38606 |
| 7 | Shenzhen Youkate Industrial Facial Love Cloud Payment System Account SystemMng.ashx privileges management | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00148 | 0.02 | CVE-2023-6099 |
| 8 | EmpireCMS AdClass.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00273 | 0.05 | CVE-2022-28585 |
| 9 | Apache HTTP Server HTTP/2 Request request smuggling | 6.4 | 6.4 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.02062 | 0.02 | CVE-2020-9490 |
| 10 | Qualcomm Snapdragon Auto SIP sigcomp Message memory corruption | 7.6 | 7.6 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.00188 | 0.00 | CVE-2020-3639 |
| 11 | OPNsense Login Page redirect | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00204 | 0.05 | CVE-2020-23015 |
| 12 | TOTOLINK A800R/A810R/A830R/A950RG/A3000RU/A3100R setWebWlanIdx command injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00781 | 0.00 | CVE-2022-26208 |
| 13 | Cisco RV340/RV345 Web-based Management Interface stack-based overflow | 4.7 | 4.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00281 | 0.00 | CVE-2022-20753 |
| 14 | Wowza Streaming Engine Password File admin.password cleartext storage | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00042 | 0.00 | CVE-2021-31539 |
| 15 | Cisco IOS/IOS XE DHCP Relay memory corruption | 9.8 | 9.7 | $100k and more | $5k-$25k | High | Official Fix | 0.22330 | 0.00 | CVE-2017-12240 |
| 16 | Freeware Advanced Audio Coder huff2.c huffcode memory corruption | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00054 | 0.00 | CVE-2018-19890 |
| 17 | Open Whisper Signal cross site scripting | 5.2 | 5.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00177 | 0.00 | CVE-2018-11101 |
| 18 | phpBB Admin Control Panel file_exists input validation | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09116 | 0.00 | CVE-2018-19274 |
| 19 | phpBB information disclosure | 9.8 | 8.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00364 | 0.00 | CVE-2008-1766 |
| 20 | Microsoft Exchange Server Privilege Escalation | 8.8 | 7.7 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.02212 | 0.03 | CVE-2021-28482 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 194.156.98.51 | vm1867589.stark-industries.solutions | CryptoWire | | 03/19/2024 | verified | Very High |

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (18)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /com/esafenet/servlet/system/ProtocolService.java | predictive | High |
| 2 | File | /SystemMng.ashx | predictive | High |
| 3 | File | AdClass.php | predictive | Medium |
| 4 | File | xxxxx.xxx | predictive | Medium |
| 5 | File | xxxxx_xxx.xxx | predictive | High |
| 6 | File | xxxx/xxxxx.xxxxxxxx | predictive | High |
| 7 | File | xxxxxxxxxx.xxx | predictive | High |
| 8 | File | xxxxxxx/xxxxx.x | predictive | High |
| 9 | Library | xxxxxxx/xxx.xxx.xxx.xxx | predictive | High |
| 10 | Argument | xx | predictive | Low |
| 11 | Argument | xxxxx | predictive | Low |
| 12 | Argument | xxxxxxxxxxxx | predictive | Medium |
| 13 | Argument | xxxxxx/xxxxxx/xxx | predictive | High |
| 14 | Argument | xxxx_xxxx | predictive | Medium |
| 15 | Argument | xxxxxxxx | predictive | Medium |
| 16 | Argument | xxx | predictive | Low |
| 17 | Argument | xxxxxxxxxx | predictive | Medium |
| 18 | Input Value | xx | predictive | Low |
