Palevo Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. This makes it possible to initiate vulnerability response immediately and to prioritize issues.

Lang

en: 211
pl: 5
es: 4
zh: 2
sv: 2

Country

cn: 131
us: 75
ru: 7
es: 2
ir: 1


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | WordPress Metadata deserialization | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2018-20148 |
| 2 | Drupal File file access | 5.4 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2017-6922 |
| 3 | VMware Horizon DaaS RDP File input validation | 5.9 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2017-4897 |
| 4 | UpdraftPlus Plugin admin.php updraft_ajax_handler server-side request forgery | 6.1 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2017-16870 |
| 5 | RoundCube Webmail Config Setting rcube_image.php argument injection | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2020-12641 |
| 6 | Revive Adserver asyncspc.php Reflected 7pk security | 7.1 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2016-9470 |
| 7 | Cisco ASA ASDM improper authentication | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2013-5511 |
| 8 | Open Webmail openwebmail-main.pl cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.04 | CVE-2007-4172 |
| 9 | ProFTPD mod_copy access control | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.09 | CVE-2019-12815 |
| 10 | Cisco ASA WebVPN Login Page logon.html cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2014-2120 |
| 11 | WordPress URL server-side request forgery | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2019-17670 |
| 12 | Joomla CMS index.php sql injection | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2010-4166 |
| 13 | Apache Tomcat FORM Authentication session fixation | 8.5 | 8.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.05 | CVE-2019-17563 |
| 14 | DeDeCMS recommend.php sql injection | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2017-17731 |
| 15 | DirectAdmin denial of service | 5.3 | 4.8 | $0-$5k | $0-$5k | Functional | Workaround | 0.07 | |
| 16 | Joomla CMS index.php sql injection | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2010-4696 |
| 17 | Odoo Community/Enterprise Discuss App access control | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2018-15631 |
| 18 | Apache HTTP Server LuaAuthzProvider mod_lua.c access control | 5.3 | 4.6 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.03 | CVE-2014-8109 |
| 19 | WordPress Login Page redirect | 6.2 | 5.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2018-10100 |
| 20 | WordPress sql injection | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2017-14723 |

IOC - Indicator of Compromise (12)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (105)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /+CSCOE+/logon.html | High |
| 2 | File | /addnews.html | High |
| 3 | File | /admin/system/database/filedown.php | High |
| 4 | File | /bin/boa | Medium |
| 5 | File | /cgi-bin/upload_vpntar | High |
| 6 | File | /MTFWU | Low |
| 7 | File | /okm:root | Medium |
| 8 | File | /wp-content/plugins/updraftplus/admin.php | High |
| 9 | File | admin.php?m=backup&c=backup&a=doback | High |
| 10 | File | admin/import/class-import-settings.php | High |
| 11 | File | admin/index.php?n=ui_set&m=admin&c=index&a=doget_text_content&table=lang&field=1 | High |
| 12 | File | administrator/components/com_media/helpers/media.php | High |
| 105 | Input Value | ..\ | Low |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
