PowerPool Analysis

IOB - Indicator of Behavior (50)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en34
zh8
ko4
jp4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

cn20
us20
kr6
gb2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Google Chrome4
Linux Kernel4
IBM WebSphere Application Server2
D-Link DIR-6102
Synacor Zimbra Collaboration2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1GitLab Community Edition/Enterprise Edition Image File Privilege Escalation6.36.3$0-$5k$0-$5kHighNot Defined0.974630.05CVE-2021-22205
2Oracle Java SE Libraries unknown vulnerability5.95.7$25k-$100k$5k-$25kNot DefinedOfficial Fix0.002490.00CVE-2021-2161
3Nginx Autoindex Module integer overflow5.55.3$0-$5k$0-$5kNot DefinedOfficial Fix0.008450.07CVE-2017-20005
4Juniper ScreenOS cryptographic issues7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.025830.05CVE-2015-7756
5jforum User input validation5.35.3$0-$5k$0-$5kNot DefinedNot Defined0.002890.03CVE-2019-7550
6Google Android System_server SkSwizzler.cpp onSetSampleX out-of-bounds write7.57.4$25k-$100k$5k-$25kNot DefinedOfficial Fix0.001250.02CVE-2019-1986
7dnsmasq Port security check5.65.4$0-$5k$0-$5kNot DefinedOfficial Fix0.002220.04CVE-2021-3448
8Linux Kernel Netfilter nf_tables_api.c nft_verdict_init use after free7.87.6$5k-$25k$0-$5kHighOfficial Fix0.002570.76CVE-2024-1086
9Oracle Agile PLM Security denial of service7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000550.04CVE-2023-34624
10Microsoft Azure DevOps Server unknown vulnerability6.15.3$5k-$25k$0-$5kUnprovenOfficial Fix0.004270.00CVE-2021-28459
11IBM Spectrum Scale GPFS Command Line Utility information disclosure5.75.7$0-$5k$0-$5kNot DefinedNot Defined0.000510.03CVE-2018-1723
12Microsoft Azure Stack Hub information disclosure5.95.6$5k-$25k$0-$5kUnprovenOfficial Fix0.000640.02CVE-2024-20679
13Apache Shiro API path traversal8.07.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.000710.03CVE-2023-34478
14ZyXEL NAS326/NAS540 HTTP Request os command injection9.89.6$5k-$25k$0-$5kHighOfficial Fix0.018130.00CVE-2023-27992
15Google Chrome V8 type confusion7.57.4$25k-$100k$5k-$25kNot DefinedOfficial Fix0.001750.03CVE-2022-4174
16Appsmith List Widget cross site scripting3.53.4$0-$5k$0-$5kNot DefinedNot Defined0.001060.00CVE-2022-39824
17XpressEngine XE Normal Button unrestricted upload5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.000580.00CVE-2021-44912
18PHP SOAP Extension unserialize information disclosure8.17.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.065790.04CVE-2015-4600
19kube-rbac-proxy TLS Configuration risky encryption6.26.1$0-$5k$0-$5kNot DefinedOfficial Fix0.004300.00CVE-2019-3818
20GitBook Stored cross site scripting5.25.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000770.00CVE-2017-16019

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
127.102.106.149PowerPool05/31/2021verifiedHigh

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Fileautologin.cgipredictiveHigh
2Filecommand.phppredictiveMedium
3Filexxxxx.xxxpredictiveMedium
4Filexxxx/xxxxxxx.xxxpredictiveHigh
5Filexxxxxx.xpredictiveMedium
6Filexxx/xxxxxxxxx/xx_xxxxxx_xxx.xpredictiveHigh
7Filexxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxxpredictiveHigh
8Filexxxxxxxxxx.xxxpredictiveHigh
9ArgumentxxxpredictiveLow
10ArgumentxxxxxxxxxxxpredictiveMedium
11ArgumentxxpredictiveLow
12Input Value.%xx.../.%xx.../predictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Want to stay up to date on a daily basis?

Enable the mail alert feature now!