Nansh0u Analysis

Activities

Timeline

Analysing the timeline helps to identify the required approach to handling single vulnerabilities and vulnerability collections. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 14
es: 2
sv: 2
fr: 1

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Tiki Wiki CMS Groupware tiki-edit_wiki_section.php cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2010-4240 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 3 | CentOS-WebPanel.com CentOS Web Panel Domain input validation | 4.9 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-14730 |
| 4 | Apple Mac OS X Server Wiki Server sql injection | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.31 | CVE-2015-5911 |
| 5 | Sun Solaris IP Packet denial of service | 5.9 | 5.2 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | CVE-2007-2045 |
| 6 | Zoho ManageEngine ServiceDesk Plus access control | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-12252 |
| 7 | HotelDruid creaprezzi.php cross site scripting | 5.4 | 4.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | CVE-2019-8937 |
| 8 | Cisco Prime Infrastructure/Evolved Programmable Network Web-based Management Interface input validation | 9.3 | 9.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2019-1821 |
| 9 | Accellion FTA find.api escape output | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-8303 |
| 10 | Apache Hadoop fsimage memory corruption | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | CVE-2018-11768 |
| 11 | Bento4 Encryption Ap4Atom.cpp AddField out-of-bounds read | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2019-17530 |
| 12 | SoftEther VPN Server See.sys Kernel 7pk security | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-11868 |
| 13 | Dell EMC Update Package Framework uncontrolled search path | 6.0 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2019-3726 |
| 14 | Linux Directory Penguin Traceroute Script traceroute.pl privileges management | 9.8 | 9.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.04 | CVE-2002-0488 |
| 15 | Netgear Arlo/Arlo Q/Arlo Q Plus hard-coded credentials | 8.5 | 8.3 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.00 | CVE-2016-10115 |
| 16 | PHP phpinfo cross site scripting | 6.3 | 5.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | CVE-2006-0996 |

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | Core/Ap4Atom.cpp | High |
| 2 | File | creaprezzi.php | High |
| 3 | File | xxxx/xxxxxxxxxxxxxxx.xxx | High |
| 4 | File | xxxxxxxx.xx?xxxxxxxxxxxx=xxxxxxxx&xxxx=x-xxxx&xxxxxxxx=xxxxxxxxxx&xx | High |
| 5 | File | xxxx/xxxx/xxxx.xxx | High |
| 6 | File | xxxx-xxxx_xxxx_xxxxxxx.xxx | High |
| 7 | File | xxxxxxxxxx.xx | High |
| 8 | Library | xxx.xxx | Low |
| 9 | Argument | xxxx | Low |
| 10 | Argument | xxxxxx | Low |
| 11 | Argument | xxxxxx/xxxxxxx/xxxx_xxxx/xxxxxxx/xxxx | High |
| 12 | Argument | xxxxxxxx | Medium |
| 13 | Argument | xxxx | Low |
| 14 | Input Value | xxxxxxxx | Medium |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
