Oto Gonderici Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that an immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 58
fr: 4
de: 3
ar: 1

Country

Actors

Activities

Interest

Product

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way.

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE
1 | IBM Cognos Analytics cross-site request forgery | 4.3 | 4.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-38886
2 | Huawei ACXXXX/SXXXX SSH Packet input validation | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 2.73 | CVE-2014-8572
3 | Mambo CMS thumbs.php Path path traversal | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2013-2565
4 | Mutare Voice getfile.asp file inclusion | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2021-27236
5 | Dell EMC Unity/UnityVSA/Unity XT Upgrade Readiness Utility cleartext storage | 1.9 | 1.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2021-21547
6 | Parallels Desktop Toolgate stack-based overflow | 7.8 | 7.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2021-31420
7 | Dell EMC iDRAC9 Configuration stack-based overflow | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-21540
8 | Samsung SmartThings Port denial of service | 3.3 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-25378
9 | Cisco Small Business RV Series Router Link Layer Discovery Protocol memory corruption | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-1251
10 | Kagemai cross site scripting | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-20685
11 | Qualcomm Snapdragon Auto RTCP Packet denial of service | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-11255
12 | RTA 499ES EtherNet-IP Adaptor Source Code stack-based overflow | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2020-25159
13 | Apple iOS/iPadOS CoreText out-of-bounds read | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.07 | CVE-2021-1792
14 | Apple iOS/iPadOS denial of service | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | CVE-2021-1773
15 | arenavec Crate default uninitialized pointer | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2021-29930
16 | Synology DiskStation Manager SYNO.Core.Network.PPPoE os command injection | 7.2 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-29083
17 | underscore Template Remote Code Execution | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-23358
18 | TP-LINK TL-WR841N traceroute command injection | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2018-12577
19 | Backdoor.Win32.Agent.bjev Windupdt permission | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | -
20 | JetBrains PhpStorm Debug Log source code | 5.8 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-25764

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities | Access Vector | Type | Confidence
1 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High
2 | T1110.001 | CWE-798 | Improper Restriction of Excessive Authentication Attempts | predictive | High
3 | TXXXX | CWE-XXX | Xxxxxxxxxx Xxxxxx | predictive | High
4 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxxxx | predictive | High
5 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx | predictive | High
6 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High
7 | TXXXX | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High

IOA - Indicator of Attack (23)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /usr/local/nagiosxi/html/includes/configwizards/windowswmi/windowswmi.inc.php | predictive | High
2 | File | audiohd.exe | predictive | Medium
3 | File | C:\Windupdt | predictive | Medium
4 | File | x:\x_xxxxxxx | predictive | Medium
5 | File | xxx-xxx/xxxxxxx | predictive | High
6 | File | xxxxxxxx.xxx/xxxxxxx_xxxxxx.xxx | predictive | High
7 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High
8 | File | xxx/xxxxxxxx/xxxx_xxxxx.x | predictive | High
9 | File | xxxxxxx.xxx | predictive | Medium
10 | File | xxxxxx | predictive | Low
11 | File | xxxxxx.xxx | predictive | Medium
12 | File | xxx.x | predictive | Low
13 | Library | xxxxxxxxx.xxx | predictive | High
14 | Library | xxxxxxxxxx.xxx | predictive | High
15 | Argument | xx | predictive | Low
16 | Argument | xxxxxxx | predictive | Low
17 | Argument | xxxx_xxxx | predictive | Medium
18 | Argument | xxxxxxxx | predictive | Medium
19 | Argument | xxxxxx | predictive | Low
20 | Input Value | %xxx%xxxxxxxxx%xxxxxxx(x)>%xx | predictive | High
21 | Input Value | .x./ | predictive | Low
22 | Input Value | ::$xxxxx_xxxxxxxxxx | predictive | High
23 | Network Port | xxx xxxxxx xxxx | predictive | High

References (2)

The following list contains external sources which discuss the actor and the associated activities:
