Generickdz Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to handling single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 22
de: 2
pl: 1
es: 1

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | upload-image-with-ajax File Upload unrestricted upload | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2019-8293 |
| 2 | osTicket open_form.php file inclusion | 7.3 | 6.4 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.05 | CVE-2006-5407 |
| 3 | OpenSSL asn1_item_embed_new Free memory corruption | 7.3 | 7.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.01 | |
| 4 | HP 3PAR Service Processor SP information disclosure | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2015-5443 |
| 5 | IBM Power 5 credentials management | 9.6 | 9.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2012-4856 |
| 6 | VMware Unified Access Gateway/Horizon View memory corruption | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.09 | CVE-2017-4907 |
| 7 | Microsoft File Checksum Integrity Verifier DLL Loader fciv.exe privileges management | 5.3 | 4.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Unavailable | 0.06 | |
| 8 | Microsoft Internet Explorer MHT File xml external entity reference | 4.3 | 4.1 | $25k-$100k | $0-$5k | Proof-of-Concept | Workaround | 0.04 | |
| 9 | JFrog Artifactory Pro SAML SSO Signature Validator signature verification | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2018-19971 |
| 10 | Oracle Database Server Portable Clusterware Remote Code Execution | 9.8 | 9.4 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2015-4863 |
| 11 | Apache CouchDB Windows Installer nssm.exe access control | 6.5 | 6.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | CVE-2016-8742 |
| 12 | Unix empire Invoked Shell privileges management | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | |
| 13 | Prosody XMPP improper authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2018-10847 |
| 14 | Atmail Remote Code Execution | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2013-5033 |
| 15 | Zend Framework Zend_Db_Select sql injection | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2016-4861 |
| 16 | RoundCube Webmail Password Plugin access control | 7.5 | 6.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2017-8114 |
| 17 | Jelsoft vBulletin announcement.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2005-3022 |
| 18 | AnServ Auction XL viewfaqs.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.05 | CVE-2008-2189 |
| 19 | Comcast MX011ANM SNMP Server access control | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2017-9496 |
| 20 | Cisco IOS XE Challenge-Response input validation | 7.8 | 6.8 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.05 | CVE-2014-7990 |

IOC - Indicator of Compromise (15)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Confidence |
|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | High |
| 2 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | High |

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

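| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | announcement.php | High |
| 2 | File | fciv.exe | Medium |
| 3 | File | xxxxx.xxx | Medium |
| 4 | File | xxxx.xxx | Medium |
| 5 | File | xxxx_xxxx.xxx | High |
| 6 | File | xxxxxxxx.xxx | Medium |
| 7 | File | xxxxxx.xxx | Medium |
| 8 | Argument | xxx | Low |
| 9 | Argument | xxxx_xxxxxxxx_xxxx | High |
| 10 | Argument | xxxxxxx_xxx | Medium |
| 11 | Argument | xxxxxxxx | Medium |
| 12 | Argument | xxxxxxxxxxxxxxxx | High |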

References (3)

The following list contains external sources which discuss the actor and the associated activities:
