Dyre Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to handling single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 279
fr: 6
it: 4
de: 3
es: 1

Country

ru: 137
us: 129
de: 8
nl: 7
it: 3

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.50 | CVE-2010-0966 |
| 3 | WoltLab Burning Book addentry.php sql injection | 7.3 | 6.8 | $0-$5k | $0-$5k | Functional | Unavailable | 0.06 | CVE-2006-5509 |
| 4 | Codoforum User Registration cross site scripting | 5.2 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | CVE-2020-5842 |
| 5 | JoomlaTune Com Jcomments admin.jcomments.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | CVE-2010-5048 |
| 6 | PHP phpinfo cross site scripting | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | CVE-2006-0996 |
| 7 | Grandstream GXP16xx VoIP SSH Configuration Interface command injection | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2018-17565 |
| 8 | H Peter Anvin tftp-hpa memory corruption | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2011-2199 |
| 9 | Apple Mac OS X Server Wiki Server sql injection | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.25 | CVE-2015-5911 |
| 10 | Microsoft Internet Explorer gopher URI memory corruption | 7.3 | 6.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | CVE-2002-0371 |
| 11 | OAuth/OpenID privileges management | 5.3 | 4.7 | $0-$5k | $0-$5k | Unproven | Unavailable | 0.06 | |
| 12 | Linux Kernel Crypto Subsystem input validation | 6.5 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2018-14619 |
| 13 | vsftpd deny_file unknown vulnerability | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2015-1419 |
| 14 | Sierra Wireless ALEOS SSH/Telnet Session information disclosure | 8.8 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2015-2897 |
| 15 | AVTECH IP Camera/NVR/DVR CloudSetup.cgi command injection | 9.8 | 9.5 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.04 | |
| 16 | FreePBX restapps Privilege Escalation | 6.3 | 5.9 | $0-$5k | $0-$5k | Functional | Official Fix | 0.03 | CVE-2021-45461 |
| 17 | Sangoma FreePBX/PBXact restapps Privilege Escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2020-10666 |
| 18 | Dropbear SSH dropbearconvert input validation | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2016-7407 |
| 19 | ioBroker path traversal | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-10767 |
| 20 | Schneider Electric Modicon M580 TFTP information disclosure | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2019-6851 |

IOC - Indicator of Compromise (30)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /admin/config.php?display=disa&view=form | High |
| 2 | File | /cgi-bin/admin/testserver.cgi | High |
| 3 | File | /cgi-bin/supervisor/CloudSetup.cgi | High |
| 4 | File | /iwguestbook/admin/badwords_edit.asp | High |
| 5 | File | /iwguestbook/admin/messages_edit.asp | High |
| 6 | File | /private/var/mobile/Containers/Data/Application | High |
| 7 | File | acp/core/files.browser.php | High |
| 8 | File | addentry.php | Medium |
