Expiro Analysis

IOB - Indicator of Behavior (223)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 194
de: 12
es: 6
ru: 4
fr: 4

Country

us: 84
ru: 48
fr: 4
ir: 4
cl: 2

Product

Microsoft Windows: 20
WordPress: 8
nginx: 4
Microsoft Office: 4
Micro Focus VisiBroker: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Maran PHP Shop prod.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.03 | 0.00986 | CVE-2008-4879 |
| 2 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.55 | 0.49183 | CVE-2016-6210 |
| 3 | WordPress sql injection | 7.3 | 6.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.01018 | CVE-2011-3130 |
| 4 | Apache Tomcat CORS Filter 7pk security | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.07767 | CVE-2018-8014 |
| 5 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.59 | 0.04187 | CVE-2010-0966 |
| 6 | Apache HTTP Server suEXEC Feature .htaccess information disclosure | 5.3 | 5.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | 0.02 | 0.00000 | |
| 7 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.01974 | CVE-2017-5611 |
| 8 | Microsoft Office Object data processing | 7.0 | 6.3 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.90147 | CVE-2017-8570 |
| 9 | TP-LINK TL-WR740N/TL-WR741N Firmware Local Privilege Escalation | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00000 | |
| 10 | Drupal User Module access control | 8.8 | 8.4 | $0-$5k | Calculating | Not Defined | Official Fix | 0.06 | 0.01132 | CVE-2016-6211 |
| 11 | thorsten phpmyfaq missing secure attribute | 5.8 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2022-4409 |
| 12 | Google Chrome GPU heap-based overflow | 7.9 | 7.8 | $25k-$100k | $5k-$25k | High | Official Fix | 0.06 | 0.07865 | CVE-2022-4135 |
| 13 | Microsoft Windows Scripting Language Remote Code Execution | 8.8 | 8.4 | $25k-$100k | $5k-$25k | Functional | Official Fix | 0.03 | 0.01601 | CVE-2022-41128 |
| 14 | nginx request smuggling | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 4.37 | 0.00000 | CVE-2020-12440 |
| 15 | NdkAdvancedCustomizationFields rotateimg.php server-side request forgery | 7.3 | 7.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00885 | CVE-2022-40842 |
| 16 | Ruby cgi.rb response splitting | 7.5 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00950 | CVE-2021-33621 |
| 17 | IObit IOTransfer unquoted search path | 7.0 | 6.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.02362 | CVE-2022-37197 |
| 18 | Best Practical Request Tracker Auth.pm timing discrepancy | 2.6 | 2.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01018 | CVE-2021-38562 |
| 19 | Juniper Junos OS Transit Traffic denial of service | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2021-0283 |
| 20 | Best Practical RT credentials management | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01132 | CVE-2012-4733 |

IOC - Indicator of Compromise (26)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (125)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | .htaccess | predictive | Medium |
| 2 | File | /ajax-files/followBoard.php | predictive | High |
| 3 | File | /DATAREPORTS | predictive | Medium |
| 4 | File | /etc/gsissh/sshd_config | predictive | High |
| 5 | File | /Forms/ | predictive | Low |
| 6 | File | /getcfg.php | predictive | Medium |
| 7 | File | /maint/modules/home/index.php | predictive | High |
| 8 | File | /uncpath/ | predictive | Medium |
| 9 | File | account.asp | predictive | Medium |
| 10 | File | addentry.php | predictive | Medium |
| 11 | File | api.php | predictive | Low |
| 12 | File | carbon/resources/add_collection_ajaxprocessor.jsp | predictive | High |
| 13 | File | cgi-bin/cmh/webcam.sh | predictive | High |
| 14 | File | cgi.rb | predictive | Low |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
