Eternity Analysis

IOB - Indicator of Behavior (168)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 162
ru: 1
es: 1
ja: 1
pt: 1

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.44 | 0.04187 | CVE-2010-0966 |
| 2 | Linux Foundation Xen EFLAGS Register SYSENTER input validation | 6.2 | 5.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.01282 | CVE-2013-1917 |
| 3 | PHPWind goto.php redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.14 | 0.01213 | CVE-2015-4134 |
| 4 | HPE Onboard Administrator Reflected cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2020-7132 |
| 5 | pgjdbc injection | 6.7 | 6.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.02762 | CVE-2022-21724 |
| 6 | Google Android Notification NotificationAccessConfirmationActivity.java onCreate information disclosure | 4.4 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.01036 | CVE-2022-20350 |
| 7 | Dell EMC CloudLink Active Directory improper authentication | 8.8 | 8.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01055 | CVE-2022-34379 |
| 8 | Promosi-web ardguest ardguest.php cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.13 | 0.01055 | CVE-2009-3668 |
| 9 | Hitachi Kokusai Electric ISnex HC-IP9100HD POST Request ptipupgrade.cgi access control | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.10 | 0.00885 | CVE-2022-37680 |
| 10 | LogicBoard CMS away.php redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.14 | 0.00000 | |
| 11 | Linux Kernel ebpf Verifier verifier.c adjust_scalar_min_max_vals unknown vulnerability | 4.3 | 4.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00950 | CVE-2021-4159 |
| 12 | Zoom On-Premise Meeting Connector Zone Controller STUN Error Code stack-based overflow | 7.4 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01086 | CVE-2022-28750 |
| 13 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.45 | 0.01213 | CVE-2007-0529 |
| 14 | Verizon 5G Home LVSKIHP OutDoorUnit crtcrpc JSON Listener rpc.lua crtcswitchsimprofile os command injection | 9.3 | 9.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.01978 | CVE-2022-28375 |
| 15 | SourceCodester School File Management System Update Account Form student_profile.php cross site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.02192 | CVE-2021-46824 |
| 16 | Cisco Secure Email and Web Manager Web-based Management Interface improper authentication | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.01055 | CVE-2022-20798 |
| 17 | Web2py Password 7pk security | 7.7 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01136 | CVE-2016-10321 |
| 18 | MantisBT API SOAP mc_project_get_users sql injection | 5.0 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.05473 | CVE-2020-28413 |
| 19 | PHPWind goto.php cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01213 | CVE-2015-4135 |
| 20 | MantisBT access control | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01319 | CVE-2014-9572 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • LilithBot

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (70)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin.php/admin/art/data.html | predictive | High |
| 2 | File | /forum/away.php | predictive | High |
| 3 | File | /goform/SetNetControlList | predictive | High |
| 4 | File | /ptipupgrade.cgi | predictive | High |
| 5 | File | /secure/admin/InsightDefaultCustomFieldConfig.jspa | predictive | High |
| 6 | File | admin/categories_industry.php | predictive | High |
| 7 | File | admin/content/postcategory | predictive | High |
| 8 | File | Adminstrator/Users/Edit/ | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
