Mofang Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach to, and handling of, single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 133
de: 12
es: 4
zh: 2
sv: 1

Country

us: 97
cn: 30
at: 8
tk: 4
sg: 3

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | PAN-OS improper authentication | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2019-1572 |
| 3 | RoundCube Webmail rcube_plugin_api.php path traversal | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-12640 |
| 4 | Jitsi Meet hard-coded credentials | 8.5 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2020-11878 |
| 5 | Microsoft Windows Delivery Optimization Service privileges management | 8.1 | 7.8 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | CVE-2020-1392 |
| 6 | Palo Alto PAN-OS cleartext transmission | 5.8 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2020-2013 |
| 7 | Palo Alto PAN-OS Maintenance Mode config | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-2041 |
| 8 | RoundCube Contact Photo photo.inc Absolute path traversal | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2015-8794 |
| 9 | phpMyAdmin Designer sql injection | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | CVE-2019-6798 |
| 10 | EmbedThis HTTP Library/Appweb httpLib.c authCondition improper authentication | 7.7 | 7.3 | $0-$5k | $0-$5k | High | Official Fix | 0.00 | CVE-2018-8715 |
| 11 | Palo Alto PAN-OS Web Interface Privilege Escalation | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2020-1975 |
| 12 | Palo Alto PAN-OS insufficient permissions or privileges | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2019-17437 |
| 13 | Liferay Portal privileges management | 9.8 | 8.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | CVE-2011-1571 |
| 14 | Devana profile_view.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | CVE-2010-2673 |
| 15 | Adobe Acrobat Reader PDFLibTool out-of-bounds read | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-28565 |
| 16 | Phabricator Mercurial hg command injection | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2017-17536 |
| 17 | Barracuda Web Application Firewall Online Demo lookup.cgi ldap injection | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | |
| 18 | SquirrelMail webmail.php code injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2005-0103 |
| 19 | ISPConfig sql injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-3021 |
| 20 | AVG Secure Search toolbar ActiveX Control ScriptHelper.exe access control | 10.0 | 9.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2014-2956 |

IOC - Indicator of Compromise (25)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (82)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | .htaccess | Medium |
| 2 | File | /admin/index.php | High |
| 3 | File | /cgi-mod/lookup.cgi | High |
| 4 | File | /message/ajax/send/ | High |
| 5 | File | /sitecore/client/Applications/List Manager/Taskpages/Contact list | High |
| 6 | File | add_comment.php | High |
| 7 | File | app/controllers/application_controller.rb | High |
| 8 | File | application\api\controller\User.php | High |
| 9 | File | blog.php | Medium |
| 10 | File | classes/Visualizer/Gutenberg/Block.php | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
