PcShare Analysisinfo

IOB - Indicator of Behavior (28)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Language

en24
zh2
jp2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

GNU Mailman2
LimeSurvey2
TinyMCE2
Xunrui CMS2
SAP NetWeaver2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

These are the vulnerabilities that we have identified as researched, approached, or attacked.

#VulnerabilityBaseTemp0dayTodayExpCouKEVEPSSCTICVE
1SAP NetWeaver AS JAVA Visual Composer com.sap.visualcomposer.BIKit.default xml external entity reference7.57.5$5k-$25k$0-$5kNot definedNot defined 0.005520.00CVE-2017-8913
2SAP NetWeaver Visual Composer unrestricted upload9.29.0$5k-$25k$0-$5kAttackedOfficial fixverified0.883720.07CVE-2021-38163
3Ikuai Router OS webman.lua ActionLogin command injection7.67.5$0-$5k$0-$5kNot definedNot defined 0.013220.06CVE-2023-34849
4Oracle MySQL Server DML privilege escalation5.15.0$5k-$25k$0-$5kNot definedOfficial fix 0.001530.00CVE-2024-21015
5Xunrui CMS main.html information disclosure4.33.9$0-$5k$0-$5kProof-of-ConceptNot defined 0.000970.02CVE-2023-1680
6Victor CMS login.php sql injection6.36.1$0-$5k$0-$5kNot definedNot defined 0.003060.08CVE-2022-28060
7LimeSurvey LDAP Authentication Brute Force information disclosure4.54.4$0-$5k$0-$5kNot definedOfficial fix 0.003750.03CVE-2019-16180
8GNU Mailman Pipermail information disclosure4.04.0$0-$5k$0-$5kNot definedNot defined 0.001310.03CVE-2002-0389
9OceanWP Plugin file inclusion5.55.3$0-$5k$0-$5kNot definedNot defined 0.003310.09CVE-2023-23700
10Varnish Cache request smuggling7.47.2$0-$5k$0-$5kNot definedOfficial fix 0.004650.00CVE-2022-45059
11Swagger-UI Key Name cross site scripting5.25.1$0-$5k$0-$5kNot definedOfficial fix 0.048500.02CVE-2016-1000229
12akismet Plugin cross site scripting5.25.1$0-$5k$0-$5kNot definedOfficial fix 0.002850.02CVE-2015-9357
13TinyMCE Classic Editing Mode cross site scripting5.75.7$0-$5k$0-$5kNot definedNot defined 0.000560.00CVE-2020-12648
14WordPress REST API class-wp-rest-users-controller.php information disclosure5.35.1$5k-$25k$0-$5kFunctionalOfficial fixexpected0.924120.02CVE-2017-5487
15SAP Solman caf~eu~gp~example~timeoff~wd information disclosure6.46.4$5k-$25k$0-$5kNot definedNot defined 0.009930.05CVE-2016-10005
16SAP NetWeaver xml external entity reference8.17.8$5k-$25k$0-$5kProof-of-ConceptOfficial fix 0.273770.00CVE-2015-7241
17SAP Knowledge Warehouse KW cross site scripting3.53.4$0-$5k$0-$5kNot definedOfficial fixpossible0.426800.00CVE-2021-42063
18SAP NetWeaver AS JAVA Query String UIUtilJavaScriptJS path traversal7.06.9$5k-$25k$0-$5kAttackedWorkaroundverified0.919380.02CVE-2017-12637
19Apache HTTP Server Path Normalization path traversal7.47.2$5k-$25k$0-$5kAttackedOfficial fixverified0.943980.04CVE-2021-41773
20Castle Rock SNMPc Online info.php4 information disclosure6.46.3$0-$5k$0-$5kNot definedOfficial fix 0.003300.00CVE-2020-11554

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
145.32.181.4845.32.181.48.vultr.comPcShare03/04/2022verifiedVery Low
2XXX.X.XXX.XXXXxxxxxx03/04/2022verifiedLow

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/dayrui/My/View/main.htmlpredictiveHigh
2File/includes/login.phppredictiveHigh
3Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
4Filexxxxx.xxxpredictiveMedium
5Filexxxx.xxxxpredictiveMedium
6Filexxx/xxxxxxx/xxx/xxxxxx/xxxxxxx/xxx.xxx.xxxxxxxxxxxxxx.xxxxx.xxxxxxxpredictiveHigh
7Filexxxxxxxxx/xx/xx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxpredictiveHigh
8Filexxxxxxxxx/xxxxxxxxxx/xxx.xxx/xxx~xx~xx~xxxxxxx~xxxxxxx~xxpredictiveHigh
9Filexxxxxx.xxxpredictiveMedium
10Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHigh
11ArgumentxxpredictiveLow
12Argumentxxxx_xxxxpredictiveMedium

References (2)

The following list contains external sources which discuss the actor and the associated activities:

This view requires CTI permissions

Just purchase a CTI license today!