FakeAlert Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 33
es: 1
de: 1
fr: 1

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Cisco Linksys EA2700 URL information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | 0.00 | |
| 2 | Basti2web Book Panel books.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.04 | CVE-2009-4889 |
| 3 | HotScripts Clone Script software-description.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | CVE-2007-6084 |
| 4 | Samsung UWB Stack memory corruption | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2022-25818 |
| 5 | Google Android App Pinning LockTaskController.java shouldLockKeyguard improper authentication | 6.0 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2021-0472 |
| 6 | XAMPP xampp-contol.ini privileges management | 7.0 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-11107 |
| 7 | McAfee Network Security Management Command Line Interface information disclosure | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2020-7284 |
| 8 | Maran PHP Shop prod.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00 | CVE-2008-4879 |
| 9 | Microsoft Windows Media Player ENCDEC.DLL code injection | 9.8 | 9.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.05 | CVE-2011-3401 |
| 10 | ESMI PayPal Storefront products1h.php cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.09 | CVE-2005-0936 |
| 11 | Instant Photo Gallery content.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | |
| 12 | TeamPass Access Control items.queries.php access control | 7.2 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2017-15055 |
| 13 | AFFcommerce ItemReview.php sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | |
| 14 | Gempar Script Toko Online shop_display_products.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | CVE-2009-0296 |
| 15 | Google Chrome Utility Process race condition | 9.8 | 9.4 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2011-3961 |
| 16 | Itechscripts iTechBids detail.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | CVE-2008-0776 |
| 17 | MidiCart PHP Shopping Cart item_show.php sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.09 | |
| 18 | UAEPD Shopping Cart Script products.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00 | CVE-2014-1618 |
| 19 | Samba SMB1 use after free | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-14746 |
| 20 | Qualcomm Snapdragon Auto Radio Index array index | 7.8 | 7.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2018-11899 |

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XXX | 7xx Xxxxxxxx Xxxxxxxx | predictive | High |

IOA - Indicator of Attack (29)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

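| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /getcfg.php | predictive | Medium |
| 2 | File | books.php | predictive | Medium |
| 3 | File | coders/tiff.c | predictive | High |
| 4 | File | content.php | predictive | Medium |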

References (2)

The following list contains external sources which discuss the actor and the associated activities:
