Neutrino Exploit Kit Analysis

IOB - Indicator of Behavior (99)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en90
fr6
ru2
de2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us40
ir24
ca14
fr4
ru2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

PHP6
Fortinet FortiMail2
phpBB2
Netgear DGN22002
Netgear DGND37002

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
2DZCP deV!L`z Clanportal config.php code injection7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.530.00943CVE-2010-0966
3FLDS redir.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.070.00203CVE-2008-5928
4Squid Web Proxy SSL Certificate Validation out-of-bounds7.17.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00610CVE-2023-46724
5Lenovo Smart Camera X3/Smart Camera X5/Smart Camera C2E Network Configuration os command injection4.74.5$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00083CVE-2021-3617
6Fortinet FortiMail HTTPS sql injection7.37.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00677CVE-2021-24007
7Netgear NMS300 command injection9.89.8$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00516CVE-2020-35797
8rConfig sudoers privileges management6.56.5$0-$5k$0-$5kNot DefinedNot Defined0.000.00166CVE-2019-19585
9vBulletin moderation.php sql injection7.37.0$0-$5k$0-$5kHighOfficial Fix0.010.00284CVE-2016-6195
10PHP unserialize use after free7.36.4$25k-$100k$0-$5kUnprovenOfficial Fix0.030.00000
11Apache Tomcat CORS Filter 7pk security8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.07849CVE-2018-8014
12D-Link DSL-2875AL/DSL-2877AL Web Management Server index.asp cleartext storage6.46.4$5k-$25k$5k-$25kNot DefinedNot Defined0.000.00291CVE-2019-15656
13HTTP/2 Window Size resource consumption6.86.7$5k-$25k$0-$5kNot DefinedWorkaround0.000.09689CVE-2019-9511
14nginx HTTP/2 resource consumption6.06.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000.13197CVE-2018-16843
15D-Link DIR-825 router_info.xml PIN access control6.46.4$5k-$25k$5k-$25kNot DefinedNot Defined0.040.00390CVE-2019-9126
16D-Link DSL-2770L atbox.htm Credentials credentials management7.57.5$5k-$25k$5k-$25kNot DefinedNot Defined0.000.00369CVE-2018-18007
17Magento sql injection8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00582CVE-2019-7139
18Atlassian JIRA Server/Data Center Jira Importers Plugin injection7.27.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000.01473CVE-2019-15001
19Apache HTTP Server mod_session input validation5.85.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00176CVE-2018-1283
20Apache HTTP Server HTTP Digest Authentication Challenge improper authentication8.58.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.01815CVE-2018-1312

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Path TraversalpredictiveHigh
2T1055CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
3T1059CWE-94Argument InjectionpredictiveHigh
4TXXXX.XXXCWE-XX, CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
5TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
6TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
7TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveHigh
8TXXXXCWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
9TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
10TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
11TXXXXCWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
12TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
13TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
14TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
15TXXXXCWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh

IOA - Indicator of Attack (55)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/etc/sudoerspredictiveMedium
2File/forum/away.phppredictiveHigh
3File/uncpath/predictiveMedium
4Filearch/x86/kernel/paravirt.cpredictiveHigh
5FileArchiveNews.aspxpredictiveHigh
6Fileatbox.htmpredictiveMedium
7Fileblank.phppredictiveMedium
8Filexxx_xxxxxxxx.xxxpredictiveHigh
9Filexxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
10Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
11Filexxx/xxxx/xxxx.xpredictiveHigh
12Filexxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxxpredictiveHigh
13Filexxxxxxxx.xxxpredictiveMedium
14Filexxxxx_xxxx.xxxpredictiveHigh
15Filexxx/xxxxxx.xxxpredictiveHigh
16Filexxxxx.xxxpredictiveMedium
17Filexxxxx.xxxpredictiveMedium
18Filexxxxxxx.xxxpredictiveMedium
19Filexxxx.xxxpredictiveMedium
20Filexxxx_xxxx.xxxpredictiveHigh
21Filexxxxxx/xxxxxxxxxx.xpredictiveHigh
22Filexxxx.xxxpredictiveMedium
23Filexxxxx.xxxpredictiveMedium
24Filexxxxxxx/xxxx/xxxxxxxxx_xxx.xxxpredictiveHigh
25Filexxxxx.xxxpredictiveMedium
26Filexxxxx.xxxpredictiveMedium
27Filexxxxxxxxxx.xxxpredictiveHigh
28Filexxxxxx.xpredictiveMedium
29Filexxxxxx.xxxpredictiveMedium
30Filexxxxxx_xxxx.xxxpredictiveHigh
31Filexxxxxx_xxxx.xxxpredictiveHigh
32Filexxxxxxxxx.xxxpredictiveHigh
33Filexxxxx/xxxxx.xxpredictiveHigh
34Libraryxxx/xx/xxxxxxx.xxpredictiveHigh
35Libraryxxxxxxxxxxxx.xxxpredictiveHigh
36Argument-x/-xpredictiveLow
37ArgumentxxxxxxxxpredictiveMedium
38Argumentxxxx_xxpredictiveLow
39Argumentxxxxxx_xxpredictiveMedium
40Argumentxxxx_xxxx/xxxxx/xxxxxxpredictiveHigh
41Argumentxxxx_xxxxxxxpredictiveMedium
42ArgumentxxpredictiveLow
43ArgumentxxxxxpredictiveLow
44ArgumentxxxxxxxxxpredictiveMedium
45Argumentxxxxx_xxxx_xxxpredictiveHigh
46ArgumentxxxxxxxpredictiveLow
47ArgumentxxxxxxxxxpredictiveMedium
48Argumentxxxxxx_xxxxpredictiveMedium
49ArgumentxxxxxxxxxxxxpredictiveMedium
50ArgumentxxxpredictiveLow
51ArgumentxxxpredictiveLow
52ArgumentxxxxpredictiveLow
53Argumentxxxxxxxx/xxxxpredictiveHigh
54Argumentxxxxxxxx_x/xxxxxxxx_xpredictiveHigh
55Argumentxxxx->xxxxxxxpredictiveHigh

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Do you want to use VulDB in your project?

Use the official API to access entries easily!