Noon Analysis

IOB - Indicator of Behavior (62)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en42
it6
zh4
de4
jp2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Invision Power Services IP.Board4
vBulletin2
XenSource Xen2
JoomlaTune Com Jcomments2
JoomlaWorks Jw Allvideos2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Discuz! admin.php cross site scripting3.63.6$0-$5k$0-$5kNot DefinedNot Defined0.020.00885CVE-2018-19464
2gnuboard5 Web Page Generation cross site scripting5.35.2$0-$5k$0-$5kNot DefinedOfficial Fix0.090.00885CVE-2021-3831
3GNUBOARD5 Parameter move_update.php cross site scripting3.53.3$0-$5kCalculatingProof-of-ConceptNot Defined0.010.00954CVE-2020-18663
4SkullSplitter PHP Guestbook guestbook.php cross site scripting4.34.1$0-$5kCalculatingProof-of-ConceptNot Defined0.020.01955CVE-2006-1256
5ZyXEL PK5001Z credentials management8.88.3$5k-$25k$0-$5kProof-of-ConceptNot Defined0.030.12806CVE-2016-10401
6Cannot PHP infoBoard access control7.36.9$0-$5kCalculatingProof-of-ConceptNot Defined0.010.04187CVE-2008-4334
7JoomlaTune Com Jcomments admin.jcomments.php cross site scripting4.34.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.040.02945CVE-2010-5048
8LEMON-S PHP Simple Oekaki BBS index.php cross site scripting4.34.1$0-$5kCalculatingNot DefinedOfficial Fix0.040.01136CVE-2015-2969
9CuteNews show_archives.php command injection6.36.0$0-$5kCalculatingProof-of-ConceptNot Defined0.000.00000
10Dreaxteam Xt-News add_comment.php cross site scripting4.34.2$0-$5kCalculatingHighUnavailable0.010.02945CVE-2006-6746
11D-Link DIR-2150 anweb action_handler stack-based overflow8.07.6$5k-$25k$5k-$25kNot DefinedOfficial Fix0.020.00000CVE-2022-40717
12Microsoft Internet Explorer FTP Client onerror cross site scripting6.36.0$5k-$25kCalculatingNot DefinedOfficial Fix0.060.00000
13Invision Power Services IP.Board URL resource management5.35.1$0-$5kCalculatingNot DefinedOfficial Fix0.020.01055CVE-2015-6812
14Invision Power Services IP.Board cross site scripting3.53.4$0-$5kCalculatingHighOfficial Fix0.020.00000
15Invision Power Services IP.Board index.php cross site scripting4.34.2$0-$5k$0-$5kHighWorkaround0.050.01136CVE-2014-5106
16Invision Power Services IP.Board cross site scripting3.53.2$0-$5kCalculatingProof-of-ConceptOfficial Fix0.000.02437CVE-2015-6810
17Upoint @1 File Store signup.php cross site scripting5.45.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.030.01408CVE-2006-1277
18vBulletin subWidgets Data widget_tabbedcontainer_tab_panel command injection8.08.0$0-$5k$0-$5kNot DefinedOfficial Fix0.160.05634CVE-2020-7373
19Sourcecodester Engineers Online Portal in PHP Quiz add_quiz.php cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.040.04932CVE-2021-42664
20pug Template injection6.36.1$0-$5k$0-$5kNot DefinedOfficial Fix0.070.06729CVE-2021-21353

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Pathname TraversalpredictiveHigh
2T1055CWE-74InjectionpredictiveHigh
3TXXXX.XXXCWE-XX, CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
4TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
5TXXXXCWE-XXXxxxxxx XxxxxxxxxpredictiveHigh
6TXXXXCWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx XxxxpredictiveHigh

IOA - Indicator of Attack (33)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/uncpath/predictiveMedium
2Fileadd_comment.phppredictiveHigh
3Fileadd_quiz.phppredictiveMedium
4Fileadmin.jcomments.phppredictiveHigh
5Filexxxxx.xxxpredictiveMedium
6Filexxxxxxxxxxxxx/xxxxxxxxxx/xxx_xxxxx/xxxxxxx/xxxxx.xxxpredictiveHigh
7Filexxxx/xxxxxx/xxxxxx_xxxxxxxxxxxxxxx_xxx_xxxxxpredictiveHigh
8Filexxxx/xxx/xx.xpredictiveHigh
9Filexxx/xxxx_xxxxxx.xxxpredictiveHigh
10Filexxxxxxxx/xxxxxx/predictiveHigh
11Filexxxxxxxxxxx.xpredictiveHigh
12Filexxxxxxxxx.xxxpredictiveHigh
13Filexxxxx.xxxpredictiveMedium
14Filexxxxxxxx.xxxpredictiveMedium
15Filexxxxxxx/xxxxxxx/xx_xxxxxxxxx/xxxxxxxx/xxxxxxxx.xxxpredictiveHigh
16Filexxxx-xx.xxx/xxx.xxxxx/xxx-xxxxxxxx-xxxx.xxxpredictiveHigh
17Filexxxx_xxxxxxxx.xxxpredictiveHigh
18Filexxxxxx.xxxpredictiveMedium
19ArgumentxxxpredictiveLow
20ArgumentxxxxxpredictiveLow
21Argumentxxxxx_xxxxxxxxpredictiveHigh
22ArgumentxxxxpredictiveLow
23Argumentxx_xxxxpredictiveLow
24ArgumentxxxxpredictiveLow
25ArgumentxxxxxxxpredictiveLow
26ArgumentxxxxxxxpredictiveLow
27ArgumentxxxxxxxxpredictiveMedium
28ArgumentxxxxxxxxpredictiveMedium
29Argumentxxxxx/xxxxxxxxxxxpredictiveHigh
30ArgumentxxxpredictiveLow
31Input Valuex" xxxxxxxxxxx=xxxxxx(xxxxxx) xxx="predictiveHigh
32Input ValuexxxxxxxxpredictiveMedium
33Network PortxxxxxpredictiveLow

References (3)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!