LULU Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

  • en: 287

Country

  • it: 9
  • es: 1

Actors

  • LULU: 287


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.42 | CVE-2010-0966 |
| 3 | Adobe Digital Editions out-of-bounds read | 7.4 | 7.1 | $5k-$25k | $5k-$25k | Not Defined | Official Fix | 0.01 | CVE-2018-12817 |
| 4 | Cairo cairo-arc.c _cairo_arc_in_direction input validation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | CVE-2019-6461 |
| 5 | SAS Web Infrastructure Platform BI Web Services xml external entity reference | 7.4 | 7.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2018-20733 |
| 6 | Microsoft Skype for Business input validation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2019-0624 |
| 7 | Microsoft Team Foundation Server cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2019-0646 |
| 8 | Microsoft Team Foundation Server information disclosure | 5.4 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2019-0647 |
| 9 | Adobe Acrobat Reader null pointer dereference | 7.5 | 7.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2018-19720 |
| 10 | Adobe Acrobat Reader memory corruption | 7.0 | 6.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2018-15998 |
| 11 | ISC BIND badcache.c input validation | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2018-5734 |
| 12 | Adobe Acrobat Reader memory corruption | 7.0 | 6.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.05 | CVE-2018-15987 |
| 13 | Adobe Acrobat Reader use after free | 7.5 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.05 | CVE-2018-19713 |
| 14 | Adobe Acrobat Reader use after free | 8.0 | 7.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2018-19698 |
| 15 | Adobe Acrobat Reader use after free | 8.0 | 7.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2018-19700 |
| 16 | Adobe Acrobat Reader use after free | 8.0 | 7.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2018-16039 |
| 17 | Kea Extension resource management | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2018-5739 |
| 18 | Cacti host.php cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2018-20726 |
| 19 | Adobe Acrobat Reader use after free | 8.0 | 7.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | CVE-2018-16040 |
| 20 | GNU Recutils rec-buf.c rec_buf_new resource management | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-6458 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Pegasus

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (61)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /admin/user_list_backend.php | High |
| 2 | File | /individual | Medium |
| 3 | File | admin.php?m=backup&c=backup&a=doback | High |
| 4 | File | admin.php?mod=product&act=state | High |
| 5 | File | admin/cp-functions/event-add.php | High |
| 6 | File | admin/modules/tools/ip_history_logs.php | High |
| 7 | File | assets/javascripts/workflowStepEditorKO.js | High |
| 8 | File | badcache.c | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
