Delf Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

pl12
de1
en1
fr1

Country

us14
cn1

Actors

Delf15

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Product

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need you unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTICVE
1path-parse Package Regular Expression splitPathRe denial of service5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2021-23343
2Mike Rooijackers Recall Products admin.php Stored cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.02CVE-2020-25380
3Apache Struts File Upload permissions6.46.4$5k-$25k$5k-$25kNot DefinedNot Defined0.05CVE-2019-0233
4Ericsson RX8200 Reflected cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-22158
5SoftradeWeb SNC WP SMART CRM cross site scripting4.44.4$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2020-25375
6AccessPress Themes WP Floating Menu cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2020-25378
7Mike Rooijackers Recall Products sql injection7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.06CVE-2020-25379
8KaiOS Email Application cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2019-14756
9KaiOS Contacts Application cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2019-14757
10KaiOS File Manager cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2019-14758
11KaiOS Radio Application injection4.94.9$0-$5k$0-$5kNot DefinedNot Defined0.05CVE-2019-14759
12KaiOS Recorder Application injection4.94.9$0-$5k$0-$5kNot DefinedNot Defined0.07CVE-2019-14760
13KaiOS Note Application injection4.94.9$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-14761
14Cacti Utility api_poller.php sql injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.00CVE-2013-1434
15Tubeace Tube Ace sql injection7.37.1$0-$5k$0-$5kHighUnavailable0.06CVE-2012-1029

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsConfidence
150.63.202.36ip-50-63-202-36.ip.secureserver.netDelfHigh
252.5.103.164ec2-52-5-103-164.compute-1.amazonaws.comDelfMedium
3XX.XX.XXX.XXXxxx-xx-xx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxxXxxxMedium
4XX.XX.XXX.XXxx-xx-xxx-xx.xxx.xxx.xxXxxxHigh
5XXX.XX.X.XXXXxxxHigh
6XXX.XXX.XXX.XXXXxxxHigh
7XXX.XXX.XXX.XXxx-xxx-xxx-xxx-xx.xx.xxxxxxxxxxxx.xxxXxxxHigh
8XXX.XX.XXX.XXXxxxxxxxxxxx.xxxxxxxxx.xxxXxxxHigh
9XXX.XXX.XX.XXXxxxHigh

TTP - Tactics, Techniques, Procedures (1)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorConfidence
1T1059.007CWE-79Cross Site ScriptingHigh

IOA - Indicator of Attack (7)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorConfidence
1Fileadmin.phpMedium
2Fileapi_poller.phpHigh
3Argumentxxxxxxxx xxxx/xxx xxxx/xxxxx xxxx/xxxxxxx/xxxx/xxxxx/xxxxxx/xxxxx xx xxxxx/xxx xxxx/xxx xxxxxx/xxxx xxxx/xxx/xxxxx/xxxxxHigh
4ArgumentxxLow
5Argumentxxxxxxxxxxxx[]High
6Argumentxxxx/xxxxxxxx+xxHigh
7Argumentxxxxxx xxxxxxxxHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!