LightBasin Analysis

IOB - Indicator of Behavior (44)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en40
de2
jp2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn24
us14
ir4
cz2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Lutron Quantum BACnet Integration4
Toshiba Home Gateway HEM-GW16A4
Toshiba Home Gateway HEM-GW26A4
Bomgar Remote Support Portal JavaStart.jar Applet2
Bosch IP Camera2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25kCalculatingHighWorkaround0.040.04187CVE-2007-1192
2Toshiba Home Gateway HEM-GW16A/Home Gateway HEM-GW26A Access Restriction access control6.46.4$5k-$25k$5k-$25kNot DefinedNot Defined0.010.00885CVE-2018-16197
3Scadaengine BACnet OPC Client csv memory corruption10.09.0$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.010.71462CVE-2010-4740
4Huawei ACXXXX/SXXXX SSH Packet input validation7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.040.01055CVE-2014-8572
5GIT Client Path privileges management8.58.4$5k-$25k$0-$5kHighOfficial Fix0.040.78077CVE-2014-9390
6codemirror Regular Expression incorrect regex5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.020.01537CVE-2020-7760
7Microsoft Windows IIS Remote Code Execution7.67.0$25k-$100k$5k-$25kUnprovenOfficial Fix0.030.02251CVE-2022-30209
8Huawei SXXXX XML Parser input validation3.63.6$0-$5k$0-$5kNot DefinedNot Defined0.030.00885CVE-2017-15346
9Openfind MailGates Email command injection8.58.5$0-$5k$0-$5kNot DefinedNot Defined0.020.02055CVE-2020-12782
10Microsoft Exchange Server information disclosure6.35.5$5k-$25k$0-$5kUnprovenOfficial Fix0.060.13392CVE-2021-33766
11Cachet SearchableTrait#scopeSearch improper authentication6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.020.09029CVE-2021-39165
12HP Network Node Manager ov.dll memory corruption10.09.0$25k-$100kCalculatingProof-of-ConceptOfficial Fix0.030.33866CVE-2009-0921
13Bosch IP Camera Web-based Interface cross-site request forgery4.34.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000.01055CVE-2021-23849
14Apache Tomcat j_security_check information disclosure4.24.0$0-$5k$0-$5kHighOfficial Fix0.040.83520CVE-2009-0580
15DokuWiki Media File Fetching HTTPClient.php HttpClient Port server-side request forgery8.68.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00885CVE-2016-7964
16Laravel Framework Token Encrypter.php decrypt deserialization6.86.8$0-$5k$0-$5kNot DefinedNot Defined0.000.23850CVE-2018-15133
17Zabbix CControllerAuthenticationUpdate cross-site request forgery3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00885CVE-2021-27927
18events-manager Plugin code injection8.58.2$0-$5k$0-$5kNot DefinedOfficial Fix0.010.00885CVE-2015-9298
19Netgear SRX5308 sql injection7.47.4$5k-$25k$5k-$25kHighNot Defined0.040.00885CVE-2019-17049
20Vivotek IP Camera authorization6.45.5$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.030.08382CVE-2013-4985

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Pathname TraversalpredictiveHigh
2T1059CWE-94Cross Site ScriptingpredictiveHigh
3TXXXX.XXXCWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
4TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
5TXXXXCWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
6TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
7TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (18)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/DbXmlInfo.xmlpredictiveHigh
2File/deviceIPpredictiveMedium
3File/inc/HTTPClient.phppredictiveHigh
4Filexxxxxxxxxxxxx.xxxpredictiveHigh
5Filexxxx/xxxxxxxxxxxx.xxxpredictiveHigh
6Filexxxx.xpredictiveLow
7FilexxxpredictiveLow
8Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
9Filexxx/xxx.xxpredictiveMedium
10Filexxxxxxxxxx/xxxxxxxxxx/xxxxxxxxx.xxxpredictiveHigh
11Filex_xxxxxxxx_xxxxxpredictiveHigh
12Filexxx.xxxpredictiveLow
13Filexxxxxxx.xxxpredictiveMedium
14Libraryxx.xxxpredictiveLow
15Libraryxxxxxxxx.xxxpredictiveMedium
16Argumentxxxxx_xxpredictiveMedium
17Argumentx_xxxxxxxxpredictiveMedium
18Argumentx-xxxx-xxxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!