NetTraveler Analysis

IOB - Indicator of Behavior (147)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en140
it6
es2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us116

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Microsoft Windows4
NetApp Clustered Data ONTAP2
Mhproducts Ero Auktion2
Thomas R. Pasawicz HyperBook Guestbook2
TP-LINK TL-WVR2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.04187CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.420.04187CVE-2010-0966
3Moxa IKS/EDS cross site scripting5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.000.00885CVE-2019-6565
4PHP Template Store Script Profile cross site scripting4.44.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.02192CVE-2018-14869
5WoltLab Burning Book addentry.php sql injection7.36.8$0-$5k$0-$5kFunctionalUnavailable0.020.01319CVE-2006-5509
6ImageMagick pcd.c DecodeImage resource management6.46.1$0-$5k$0-$5kNot DefinedOfficial Fix0.040.01108CVE-2019-7175
7Gurunavi App SSL Certificate Validator certificate validation5.75.5$0-$5k$0-$5kNot DefinedOfficial Fix0.040.01136CVE-2015-7778
8Quizlord Plugin admin.php Stored cross site scripting4.44.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.040.02192CVE-2018-17140
9Microsoft Visual Studio input validation7.57.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.56075CVE-2018-8172
10Juniper Junos Sun/MS-RPC ALG resource consumption6.46.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00885CVE-2017-10608
11lshell access control8.18.1$0-$5k$0-$5kNot DefinedOfficial Fix0.050.01232CVE-2016-6902
12jforum User input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.020.04499CVE-2019-7550
13D-Link DIR-878 HTTP Header strncpy memory corruption8.58.5$5k-$25k$5k-$25kNot DefinedNot Defined0.010.00885CVE-2019-9125
14FSB Dequeen Mobile Banking App X.509 Certificate certificate validation5.75.7$0-$5k$0-$5kNot DefinedNot Defined0.000.00885CVE-2017-9566
15Intel McAfee ePolicy Orchestrator sql injection7.67.3$5k-$25k$5k-$25kNot DefinedOfficial Fix0.030.00954CVE-2016-8027
16Intel McAfee ePolicy Orchestrator Apache Commons Collections Library deserialization8.37.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.120.02166CVE-2015-8765
17Icewarp Server cross site scripting5.24.9$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2018-16324
18Huawei Smarthome Encryption Key Stored information disclosure6.46.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.00885CVE-2017-2704
19ImageMagick dib.c WriteDIBImage out-of-bounds write7.56.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000.01018CVE-2018-12600
20KDE Plasma Workspace Notifications notificationsengine.cpp IP Address information disclosure4.84.6$0-$5k$0-$5kNot DefinedOfficial Fix0.010.01213CVE-2018-6790

IOC - Indicator of Compromise (19)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1059CWE-94Cross Site ScriptingpredictiveHigh
2T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
3TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
4TXXXXCWE-XX, CWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
5TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
6TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
7TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
8TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
9TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh
10TXXXXCWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx XxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (69)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/bin/login.phppredictiveHigh
2File/see_more_details.phppredictiveHigh
3File/start-stoppredictiveMedium
4File/uncpath/predictiveMedium
5File/webmail/predictiveMedium
6Fileaddentry.phppredictiveMedium
7Fileadmin.remository.phppredictiveHigh
8Fileadmin/index.phppredictiveHigh
9Fileapply.cgipredictiveMedium
10Filexxx\xxxxxxx\xxxxxx_xxxxxxxx.xxxpredictiveHigh
11Filexxxxx-xxx.xpredictiveMedium
12Filexx_xxxx.xxxpredictiveMedium
13Filexxxxxx/xxx.xpredictiveMedium
14Filexxxxxx/xxx.xpredictiveMedium
15Filexxx/xxxxxxxxx/xxxxxx/xxxxxxxxxxxxx.xxxxpredictiveHigh
16Filexxxxxxx_xx.xxxpredictiveHigh
17Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
18Filexxxxxxxxxxx/xxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
19Filexxxxx/xxxxxxx.xxpredictiveHigh
20Filexxxxxx.xxxpredictiveMedium
21Filexxxx/xxxxxxxxxx/xxxxxx-xxxx.xpredictiveHigh
22Filexxx/xxxx/xxxx.xpredictiveHigh
23Filexxxxxxxx.xxxpredictiveMedium
24Filexxxx.xxxpredictiveMedium
25Filexxxxxxxxx.xxxpredictiveHigh
26Filexxxxxxxxxxxx.xxxpredictiveHigh
27Filexxx/xxxxxx.xxxpredictiveHigh
28Filexxxxx.xxxpredictiveMedium
29Filexxxxxxxx/xxxxxxxx_xxxxxxx_xxxxxx/xxxxx.xxxpredictiveHigh
30Filexxxxxxxxx.xxpredictiveMedium
31Filexxxxxx/xxxx.xpredictiveHigh
32Filexxxx.xxxpredictiveMedium
33Filexxxxxxx.xpredictiveMedium
34Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
35Filexxxx_xxxxxxxx.xxxpredictiveHigh
36Filexxxxxxx.xxxpredictiveMedium
37Filexxxxxxxxx.xxx/xxxxxxx.xxxpredictiveHigh
38Filexxxxxxxx-xxxxxxxxxxx.xxxpredictiveHigh
39Filexxxxxxxx/xxxxxxxxxx.xpredictiveHigh
40Filexxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
41Filexx/xxx.xpredictiveMedium
42Filexxxx.xxxpredictiveMedium
43Filexxxxxxxxxxx-xxxxxx/xxx/xxxxxxxxxx/xxxxx.xxxpredictiveHigh
44Filexx-xxxxx/xxxxx.xxxpredictiveHigh
45Filexx-xxxxxxxxx.xxxpredictiveHigh
46Library/xxx/xxx/xxx/xxxx/xxxxxxxxxx/xxxxx/xxxxxxx.xxxpredictiveHigh
47Libraryxxxxxx.xxxpredictiveMedium
48Argumentxxxxxxx xxxx x/xxxxxxx xxxx x/xxxx xxxx/x/x xxxxxx xxxxpredictiveHigh
49ArgumentxxxxxxxxpredictiveMedium
50Argumentxxxxxxxxx/xxxxpredictiveHigh
51ArgumentxxxxxxxxpredictiveMedium
52ArgumentxxxxxxxxxxxpredictiveMedium
53Argumentxxxx_xxxxpredictiveMedium
54ArgumentxxpredictiveLow
55ArgumentxxxxxxxxxpredictiveMedium
56ArgumentxxxxxpredictiveLow
57Argumentxxxx_xxpredictiveLow
58Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
59ArgumentxxxxpredictiveLow
60ArgumentxxxxxxxxxpredictiveMedium
61Argumentxxxxxx_xxxpredictiveMedium
62Argumentxxxxxxxxx/xxxpredictiveHigh
63ArgumentxxxxpredictiveLow
64ArgumentxxxpredictiveLow
65ArgumentxxxxxxxxxxpredictiveMedium
66Argumentxx_xxpredictiveLow
67ArgumentxxxxxpredictiveLow
68ArgumentxxxpredictiveLow
69ArgumentxxxxxxxxpredictiveMedium

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!