Groundbait Analysis

IOB - Indicator of Behavior (43)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en: 28
de: 16


Product

tcpdump: 8
Google Chrome: 6
Fortinet FortiWLC: 4
Moodle: 2
Apple iOS: 2


Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Cou | KEV | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Creme CRM Salesman Creation Page Stored cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00206 | 0.00 | CVE-2018-14396 |
| 2 | tcpdump AH Parser print-ah.c ah_print memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00925 | 0.03 | CVE-2016-7922 |
| 3 | tcpdump GeoNetworking Parser print-geonet.c memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00931 | 0.03 | CVE-2016-7986 |
| 4 | tcpdump PPP Parser print-ppp.c ppp_hdlc_if_print memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00931 | 0.00 | CVE-2016-7933 |
| 5 | tcpdump ISAKMP Parser print-isakmp.c ikev2_e_print memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.01080 | 0.00 | CVE-2017-5205 |
| 6 | tcpdump GRE Parser print-gre.c memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00931 | 0.00 | CVE-2016-7939 |
| 7 | tcpdump RTCP Parser print-udp.c rtcp_print memory corruption | 8.0 | 7.9 | $0-$5k | $0-$5k | Not defined | Official fix | | 0.00931 | 0.00 | CVE-2016-7934 |
| 8 | Online Pet Shop We App manage_category sql injection | 6.7 | 6.6 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00058 | 0.00 | CVE-2022-41377 |
| 9 | Moodle Administration Page sql injection | 7.2 | 7.2 | $5k-$25k | $5k-$25k | Not defined | Not defined | | 0.00366 | 0.00 | CVE-2022-40315 |
| 10 | SquirrelMail information disclosure | 3.3 | 3.3 | $0-$5k | $0-$5k | Not defined | Workaround | | 0.00000 | 0.00 | |
| 11 | Oracle Communications Cloud Native Core Policy code injection | 9.8 | 9.7 | $25k-$100k | $0-$5k | Attacked | Official fix | verified | 0.94474 | 0.00 | CVE-2022-22963 |
| 12 | Oracle Communications Cloud Native Core Security Edge Protection Proxy SEPP denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00477 | 0.00 | CVE-2020-36518 |
| 13 | Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE path traversal | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00622 | 0.00 | CVE-2019-20916 |
| 14 | Oracle Communications Cloud Native Core Network Function Cloud Native Environment CNE buffer overflow | 9.8 | 9.6 | $100k and more | $25k-$100k | Not defined | Official fix | | 0.00417 | 0.03 | CVE-2022-23219 |
| 15 | Google Chrome Extensions API privilege escalation | 5.5 | 5.3 | $25k-$100k | $0-$5k | Not defined | Official fix | | 0.00021 | 0.04 | CVE-2022-2164 |
| 16 | Dell Command Update/Alienware Update Advanced Driver Restore uncontrolled search path | 7.8 | 7.6 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00039 | 0.00 | CVE-2022-24426 |
| 17 | Microsoft Internet Explorer mshtmled.dll code injection | 6.3 | 5.7 | $25k-$100k | $0-$5k | Proof-of-Concept | Official fix | possible | 0.63471 | 0.07 | CVE-2010-3329 |
| 18 | AShop Deluxe salesadmin.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not defined | Not defined | | 0.00000 | 0.03 | |
| 19 | Cisco IOS XR CLI Permission access control | 7.4 | 7.1 | $25k-$100k | $0-$5k | Not defined | Official fix | | 0.00048 | 0.00 | CVE-2017-6728 |
| 20 | Oracle MySQL Server DML access control | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not defined | Official fix | | 0.00371 | 0.00 | CVE-2017-3634 |

IOC - Indicator of Compromise (10)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (18)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /pet_shop/admin/?page=maintenance/manage_category | predictive | High |
| 2 | File | admin/salesadmin.php | predictive | High |
| 3 | File | drivers/gpu/drm/udl/udl_fb.c | predictive | High |
| 4 | File | xxxxxx.x | predictive | Medium |
| 5 | File | xxxxx-xx.x | predictive | Medium |
| 6 | File | xxxxx-xxxxxx.x | predictive | High |
| 7 | File | xxxxx-xxx.x | predictive | Medium |
| 8 | File | xxxxx-xxxxxx.x | predictive | High |
| 9 | File | xxxxx-xxx.x | predictive | Medium |
| 10 | File | xxxxx-xxx.x | predictive | Medium |
| 11 | File | xxxxxx.x | predictive | Medium |
| 12 | File | xxx/xxxx.x | predictive | Medium |
| 13 | Library | xxxxxxxx.xxx | predictive | Medium |
| 14 | Argument | xxxxxxxxx/xxxxxxxx/xxxxxxx_xxxxxxx-xxxxxxx/xxxxxxx_xxxxxxx-xxxxxxx/xxxxxxx_xxxxxxx-xxxx/xxxxxxx_xxxxxxx-xxxxxxxxxx/xxxxxxxx_xxxxxxx-xxxxxxx/xxxxxxxx_xxxxxxx-xxxxxxx/xxxxxxxx_xxxxxxx-xxxx/xxxxxxxx_xxxxxxx-xxxxxxxxxx | predictive | High |
| 15 | Argument | xx | predictive | Low |
| 16 | Argument | xxxxxxx/xxxxxxxxxxxxx | predictive | High |
| 17 | Argument | xxxxxxxxxx | predictive | Medium |
| 18 | Argument | xxxxxxxxxx | predictive | Medium |
