Mettle Analysis

Activities

Timeline

Timeline analysis helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate immediate vulnerability response and to prioritize issues.

Lang

en: 16
fr: 1

Country

us: 10
vn: 7


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | TP-LINK TL-WR841N Firmware path traversal | 7.5 | 7.5 | $0-$5k | $0-$5k | High | Not Defined | 0.06 | CVE-2012-5687 |
| 2 | PHP FPM SAPI out-of-bounds write | 8.0 | 7.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.05 | CVE-2021-21703 |
| 3 | Magento Deserialization deserialization | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2020-3716 |
| 4 | Magento sql injection | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2019-7139 |
| 5 | Google Android file_input_stream.cc Read memory corruption | 7.5 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.05 | CVE-2019-2105 |
| 6 | Google Android TQS App memscpy memory corruption | 8.5 | 8.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.04 | CVE-2015-9173 |
| 7 | nginx HTTP2 resource consumption | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2018-16844 |
| 8 | Moodle Installation information disclosure | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2012-4403 |
| 9 | NoneCms App.php input validation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | CVE-2018-20062 |
| 10 | Creolabs Gravity gravity_lexer.c use after free | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2017-1000172 |
| 11 | Squid Proxy HTTP Request insufficient verification of data authenticity | 8.7 | 7.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | CVE-2016-4553 |
| 12 | Mozilla Firefox memory corruption | 8.0 | 7.7 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-7811 |
| 13 | Pivotal RabbitMQ password access control | 7.7 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2016-9877 |
| 14 | Microsoft Windows IIS IPP Service numeric error | 6.3 | 5.7 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | CVE-2008-1446 |
| 15 | WPHRM Human Resource Management System sql injection | 7.5 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | CVE-2017-14848 |
| 16 | SPIP cross site scripting | 8.8 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2012-4331 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Confidence |
|---|---|---|---|---|---|
| 1 | 118.70.80.143 | | Mettle | | High |
| 2 | XXX.XXX.XX.XXX | | Xxxxxx | | High |

TTP - Tactics, Techniques, Procedures (2)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Confidence |
|---|---|---|---|---|
| 1 | T1059.007 | CWE-80 | Cross Site Scripting | High |
| 2 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | High |

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

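| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | file_input_stream.cc | High |
| 2 | File | gravity_lexer.c | High |
| 3 | File | xxxxxxxx/xxxxxxxx | High |
| 4 | Library | xxxxxxxx/xxxxxxx/xxxxx/xxx.xxx | High |
| 5 | Argument | xxxxxxxx_xx | Medium |
| 6 | Argument | xxxxxx | Low |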

References (2)

The following list contains external sources which discuss the actor and the associated activities:
