MosaicRegressor Analysis

IOB - Indicator of Behavior (41)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 24
zh: 16
fr: 2

Product

WordPress: 4
Oracle Secure Backup: 4
Synacor Zimbra Collaboration: 4
Plesk Obsidian: 2
omniauth-weibo-oauth2 Gem: 2


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Zhong Bang CRMEB PublicController.php get_image_base64 server-side request forgery | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00227 | 0.06 | CVE-2023-3233 |
| 2 | Synacor Zimbra Collaboration xml external entity reference | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00398 | 0.00 | CVE-2016-9924 |
| 3 | MikroTik RouterOS Resolver memory corruption | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00139 | 0.00 | CVE-2020-20249 |
| 4 | Elastic Elasticsearch Document Ingestion stack-based overflow | 4.9 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.04 | CVE-2024-37280 |
| 5 | Oracle Secure Backup Remote Code Execution | 9.8 | 9.8 | $25k-$100k | $0-$5k | Not Defined | Not Defined | 0.83139 | 0.00 | CVE-2011-2261 |
| 6 | Oracle Secure Backup improper authentication | 5.3 | 5.1 | $5k-$25k | $0-$5k | High | Not Defined | 0.09017 | 0.03 | CVE-2010-0904 |
| 7 | OpenProject Public Project robots.txt information disclosure | 6.4 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00145 | 0.05 | CVE-2023-33960 |
| 8 | Synology SSO Server WebAPI path traversal | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00068 | 0.00 | CVE-2022-27620 |
| 9 | All-in-One WP Migration Plugin class-ai1wm-backups.php path traversal | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00097 | 0.03 | CVE-2022-1476 |
| 10 | Joomla CMS sql injection | 7.3 | 7.0 | $5k-$25k | $0-$5k | High | Official Fix | 0.77179 | 0.00 | CVE-2015-7857 |
| 11 | CKeditor FCKeditor print_textinputs_var cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00441 | 0.02 | CVE-2012-4000 |
| 12 | webTareas New Profile cross-site request forgery | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00400 | 0.00 | CVE-2021-41916 |
| 13 | WordPress wp_crop_image path traversal | 5.9 | 5.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.80530 | 0.04 | CVE-2019-8943 |
| 14 | Concrete CMS File Manager injection | 5.6 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00288 | 0.05 | CVE-2021-22968 |
| 15 | WordPress WP_Query sql injection | 6.3 | 6.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.88303 | 0.02 | CVE-2022-21661 |
| 16 | Linux Kernel msr access control | 5.1 | 4.6 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00195 | 0.00 | CVE-2013-0268 |
| 17 | HP Printer/MFP cross-site request forgery | 6.5 | 6.5 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00073 | 0.00 | CVE-2018-5921 |
| 18 | Plesk Obsidian Reflected cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00151 | 0.02 | CVE-2020-11583 |
| 19 | FreePBX index_amp.php cross site scripting | 8.8 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00983 | 0.05 | CVE-2012-4870 |
| 20 | Thycotic Secret Server Remote Desktop Launcher Temporary credentials management | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00245 | 0.00 | CVE-2014-4861 |

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | TXXXX | CAPEC-XXX | CWE-XX | Xxxxxxxx Xxxxxxxx | predictive | High |
| 4 | TXXXX.XXX | CAPEC-XXX | CWE-XX | Xxxxx Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CAPEC-XX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 6 | TXXXX.XXX | CAPEC-XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 7 | TXXXX | CAPEC-XXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 8 | TXXXX | | CWE-XXX | Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 9 | TXXXX | CAPEC-XXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /dev/cpu/*/msr | predictive | High |
| 2 | File | /index_amp.php | predictive | High |
| 3 | File | /xxxxxx.xxx | predictive | Medium |
| 4 | File | /xxx/xxx/xxxxx | predictive | High |
| 5 | File | xxx/xxxxxxxxxx/xx/xxxxxxxxxxxxxxxx.xxx | predictive | High |
| 6 | File | xxxxxxxx/xxxxxxxxxx.xxxx | predictive | High |
| 7 | File | xxx/xxxxxxx.xxx | predictive | High |
| 8 | File | xxx/xxxx/xxx.x | predictive | High |
| 9 | Library | ~/xxx/xxxxx/xxxxx-xxxxx-xxxxxxx.xxx | predictive | High |
| 10 | Argument | xxxxxxx | predictive | Low |
| 11 | Argument | xxxx | predictive | Low |
| 12 | Argument | xxxxxxxxx | predictive | Medium |
| 13 | Input Value | .xxx?/../../xxxx.xxx | predictive | High |
| 14 | Input Value | xxxx+x@!xxxx+ | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
