GuLoader Analysis

IOB - Indicator of Behavior (197)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 170
zh: 11
es: 6
de: 6
pl: 2

Country

us: 136
cn: 20
ru: 4
ir: 3
ca: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.98 | 0.04187 | CVE-2010-0966 |
| 3 | WooCommerce Stock Manager Plugin Nonce import-export.php cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00885 | CVE-2021-34619 |
| 4 | Oracle GlassFish Server Java Server Faces path traversal | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.10896 | CVE-2013-3827 |
| 5 | PHPWind goto.php redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.32 | 0.01213 | CVE-2015-4134 |
| 6 | TIBCO iWay Service Manager Console pathname traversal | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00885 | CVE-2022-30572 |
| 7 | Linux Kernel Filesystem Layer out-of-bounds write | 8.8 | 7.9 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.01547 | CVE-2021-33909 |
| 8 | JForum Login input validation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01055 | CVE-2012-5338 |
| 9 | Rocket.Chat Password Reset information disclosure | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.01183 | CVE-2020-28208 |
| 10 | phpMyAdmin cross-site request forgery | 5.4 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.16168 | CVE-2019-12616 |
| 11 | PHP HTTP Request sapi_apache2.c apache2handler input validation | 7.3 | 6.4 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.03 | 0.05689 | CVE-2015-3330 |
| 12 | PHP Link Directory Administration Page index.html cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.25 | 0.01213 | CVE-2007-0529 |
| 13 | Schweitzer Engineering Laboratories SEL-3620/SEL-3622 Access Control access control | 9.1 | 9.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.11 | 0.00885 | CVE-2017-7928 |
| 14 | GLPI htmlawed Module htmLawedTest.php code injection | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.28 | 0.83140 | CVE-2022-35914 |
| 15 | Horde Webmail Address Book Driver.php create injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00890 | CVE-2022-30287 |
| 16 | Alpine PhotoTile for Pinterest Plugin cross site scripting | 4.2 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00885 | CVE-2022-36347 |
| 17 | Synacor Zimbra Collaboration Suite sudo Configuration zmslapd access control | 8.3 | 8.3 | $0-$5k | $0-$5k | High | Official Fix | 0.04 | 0.07810 | CVE-2022-37393 |
| 18 | ESRI Portal for ArcGIS System Property missing encryption | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00885 | CVE-2022-38194 |
| 19 | SourceCodester Company Website CMS add-portfolio.php unrestricted upload | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.08 | 0.00885 | CVE-2022-2751 |
| 20 | Avaya Aura Communication Manager Local System Administration access control | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00885 | CVE-2018-15611 |

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (14)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (92)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /dashboard/add-portfolio.php | predictive | High |
| 2 | File | /forum/away.php | predictive | High |
| 3 | File | /jerry-core/ecma/base/ecma-helpers-conversion.c | predictive | High |
| 4 | File | /login | predictive | Low |
| 5 | File | /opt/IBM/es/lib/libffq.cryptionjni.so | predictive | High |
| 6 | File | /sdm-ws-rest/preconfiguration | predictive | High |
| 7 | File | /settings | predictive | Medium |
| 8 | File | /uapi/doc | predictive | Medium |
| 9 | File | /uncpath/ | predictive | Medium |
| 10 | File | /updownload/t.report | predictive | High |
| 11 | File | /vendor/htmlawed/htmlawed/htmLawedTest.php | predictive | High |

References (5)

The following list contains external sources which discuss the actor and the associated activities:
