Farseer Analysis

IOB - Indicator of Behavior (132)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 104
es: 8
zh: 8
de: 4
sv: 4

Country

us: 54
cn: 46
ca: 6
jp: 4
es: 4

Product

phpMyAdmin: 6
DZCP deV!L`z Clanportal: 4
Juniper Junos: 4
Atlassian JIRA Server: 4
Atlassian Data Center: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 2 | OpenSSL c_rehash os command injection | 5.5 | 5.3 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.06 | 0.36880 | CVE-2022-1292 |
| 3 | Tiki Wiki CMS Groupware tiki-jsplugin.php input validation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.01018 | CVE-2010-4239 |
| 4 | Geddy index.js path traversal | 5.3 | 5.1 | $0-$5k | Calculating | Not Defined | Official Fix | 0.03 | 0.01213 | CVE-2015-5688 |
| 5 | Asus AsusWRT start_apply.htm os command injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.02055 | CVE-2018-20334 |
| 6 | EvoStream Media Server HTTP Request memory corruption | 7.4 | 6.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.08382 | CVE-2017-6427 |
| 7 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.64 | 0.04187 | CVE-2010-0966 |
| 8 | Zulip Server Storage Backend cross site scripting | 4.4 | 4.3 | $0-$5k | Calculating | Not Defined | Official Fix | 0.02 | 0.00885 | CVE-2018-9999 |
| 9 | WUZHI CMS cross-site request forgery | 6.5 | 6.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.08382 | CVE-2018-10312 |
| 10 | WebCalendar settings.php file inclusion | 7.3 | 6.6 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.01 | 0.01408 | CVE-2005-2717 |
| 11 | Allen Bradley MicroLogix 1400 File Permission access control | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2017-14465 |
| 12 | Quest JavaMelody PayloadNameRequestWrapper.java parseSoapMethodName xml external entity reference | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01018 | CVE-2018-15531 |
| 13 | Varnish Cache/Enterprise HTTP2 request smuggling | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01108 | CVE-2021-36740 |
| 14 | ED01-CMS unrestricted upload | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00885 | CVE-2022-28525 |
| 15 | MinDoc ZIP File unrestricted upload | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00885 | CVE-2022-29637 |
| 16 | Microsoft SQL Server Privilege Escalation | 8.8 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.06 | 0.01150 | CVE-2021-1636 |
| 17 | WP Rocket Plugin path traversal | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00954 | CVE-2017-11658 |
| 18 | Samsung SyncThru 6 updateDriver path traversal | 8.1 | 7.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.06908 | CVE-2015-5473 |
| 19 | OpenVPN Control Channel Data authentication bypass | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01408 | CVE-2020-15078 |
| 20 | Microsoft Windows Print Spooler Privilege Escalation | 8.1 | 7.4 | $100k and more | $5k-$25k | Unproven | Official Fix | 0.06 | 0.09099 | CVE-2022-21999 |

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (86)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /.vnc/sesman_${username}_passwd | predictive | High |
| 2 | File | /admin/users.php?source=edit_user&id=1 | predictive | High |
| 3 | File | /forum/away.php | predictive | High |
| 4 | File | /icingaweb2/navigation/add | predictive | High |
| 5 | File | /phppath/php | predictive | Medium |
| 6 | File | /rest/collectors/1.0/template/custom | predictive | High |
| 7 | File | /start_apply.htm | predictive | High |
| 8 | File | /uncpath/ | predictive | Medium |
| 9 | File | /WEB-INF/web.xml | predictive | High |
| 10 | File | abook_database.php | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
