Gallmaker Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 55
zh: 2
de: 1

Country

la: 25
us: 13


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Shenzhen Yunni Technology iLnkP2P UID Generator Random cryptographic issues | 7.7 | 7.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2019-11219 |
| 2 | Cisco Linksys Router tmUnblock.cgi privileges management | 9.8 | 9.2 | $25k-$100k | $0-$5k | High | Workaround | 0.08 | |
| 3 | Adobe ColdFusion File Upload unrestricted upload | 8.0 | 7.5 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.00 | CVE-2019-7816 |
| 4 | xrdp hard-coded key | 3.7 | 3.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2021-36158 |
| 5 | All in One SEO Best WordPress SEO Plugin Import/Export code injection | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-24307 |
| 6 | Microsoft Office memory corruption | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2018-0851 |
| 7 | Microsoft Outlook S/MIME resource management | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2013-3870 |
| 8 | Sophos Firewall User Portal/Webadmin improper authentication | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2022-1040 |
| 9 | Progress Telerik UI for ASP.NET AJAX Telerik.Web.UI.WebResource.axd command injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-28141 |
| 10 | Photo Gallery by 10Web Plugin SQL Statement bwg_frontend_data sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2022-0169 |
| 11 | Mongoose mg_mqtt.c parse_mqtt memory corruption | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2019-12951 |
| 12 | Yii Framework Exception Error ErrorHandler.php information disclosure | 6.4 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2018-6010 |
| 13 | Qualcomm Snapdragon Mobile Thermal Engine use after free | 6.5 | 6.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2017-18157 |
| 14 | SonicWALL Secure Remote Access cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2021-20028 |
| 15 | WP Super Cache Plugin Cache Settings wp-cache-config.php code injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-24209 |
| 16 | Rocklobster Contact Form 7 unrestricted upload | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2020-35489 |
| 17 | GNU Mailman cross-site request forgery | 8.8 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2016-7123 |
| 18 | WordPress WP_Query sql injection | 6.3 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.56 | CVE-2022-21661 |
| 19 | Ecommerce-CodeIgniter-Bootstrap blog.php cross site scripting | 5.4 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-25093 |
| 20 | Ecommerce-CodeIgniter-Bootstrap Parameter products.php cross site scripting | 4.8 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-40975 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Confidence |
|---|---|---|---|---|---|
| 1 | 94.140.116.124 | | Gallmaker | | High |
| 2 | XX.XXX.XXX.XXX | | Xxxxxxxxx | | High |
| 3 | XXX.XX.XXX.XX | xxxxxxx.xxxxx.xx | Xxxxxxxxx | | High |

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (35)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | application/modules/admin/views/ecommerce/products.php | High |
| 2 | File | base/ErrorHandler.php | High |
| 3 | File | blog.php | Medium |
| 4 | File | c4t64fx.c | Medium |
| 5 | File | cgi-bin/webcm | High |
