South Asia Unknown Analysis

IOB - Indicator of Behavior (115)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en: 104
de: 6
ja: 4
ru: 2

Country

us: 72
ru: 10
tr: 6
gb: 4
ir: 4

Product

WordPress: 6
D-Link DIR-615: 4
ProFTPD: 2
Chaussette: 2
CrushFTP: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Secomea GateManager insufficient privileges | 5.9 | 5.7 | $2k-$5k | $0-$1k | Not Defined | Official Fix | 0.00054 | 0.03 | CVE-2022-25782 |
| 2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $10k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 3 | Alt-N MDaemon Worldclient injection | 4.9 | 4.7 | $10k-$25k | $0-$1k | Not Defined | Official Fix | 0.00090 | 0.03 | CVE-2021-27182 |
| 4 | TP-LINK TL-WR940N PingIframeRpm.htm ipAddrDispose memory corruption | 7.5 | 7.5 | $1k-$2k | $0-$1k | Proof-of-Concept | Workaround | 0.05451 | 0.06 | CVE-2019-6989 |
| 5 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $10k-$25k | $0-$1k | Proof-of-Concept | Official Fix | 0.00548 | 0.04 | CVE-2017-0055 |
| 6 | Danfoss AK-EM100 os command injection | 9.3 | 9.2 | $2k-$5k | $1k-$2k | Not Defined | Not Defined | 0.00143 | 0.04 | CVE-2023-25911 |
| 7 | GPAC mpd.c gf_mpd_parse_string memory leak | 4.5 | 4.5 | $0-$1k | $0-$1k | Not Defined | Not Defined | 0.00044 | 0.00 | CVE-2023-48039 |
| 8 | Trellix ePolicy Orchestrator URL Parameter redirect | 4.8 | 4.7 | $1k-$2k | $0-$1k | Not Defined | Official Fix | 0.00048 | 0.05 | CVE-2023-5445 |
| 9 | ethyca Fides weak prng | 7.9 | 7.8 | $1k-$2k | $0-$1k | Not Defined | Official Fix | 0.00088 | 0.00 | CVE-2023-48224 |
| 10 | Totolink X6000R sub_4155DC command injection | 7.6 | 7.6 | $1k-$2k | $0-$1k | Not Defined | Not Defined | 0.00432 | 0.00 | CVE-2023-46413 |
| 11 | Oracle Siebel CRM EAI Open UI denial of service | 7.5 | 7.3 | $10k-$25k | $0-$1k | Not Defined | Official Fix | 0.00094 | 0.00 | CVE-2023-1370 |
| 12 | D-Link DIR-820L permission | 7.6 | 7.5 | $5k-$10k | $5k-$10k | Not Defined | Not Defined | 0.00473 | 0.02 | CVE-2023-44809 |
| 13 | Apache Airflow DAG information disclosure | 5.0 | 4.9 | $5k-$10k | $0-$1k | Not Defined | Official Fix | 0.00059 | 0.00 | CVE-2023-42663 |
| 14 | MediaTek MT6885 Video out-of-bounds write | 5.4 | 5.3 | $0-$1k | $0-$1k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2023-32821 |
| 15 | Tiki Admin Password tiki-login.php improper authentication | 8.0 | 7.7 | $1k-$2k | $0-$1k | Not Defined | Official Fix | 0.00936 | 1.38 | CVE-2020-15906 |
| 16 | Joomla CMS gmail.php information disclosure | 3.3 | 3.3 | $5k-$10k | $0-$1k | Not Defined | Not Defined | 0.00000 | 0.00 | |
| 17 | Joomla CMS GMail Authentication access control | 5.3 | 4.6 | $10k-$25k | $0-$1k | Proof-of-Concept | Official Fix | 0.00465 | 0.04 | CVE-2014-7984 |
| 18 | TikiWiki tiki-register.php input validation | 7.3 | 6.6 | $2k-$5k | $0-$1k | Proof-of-Concept | Official Fix | 0.01075 | 0.71 | CVE-2006-6168 |
| 19 | PHP PHAR phar_dir_read buffer overflow | 8.2 | 8.2 | $5k-$10k | $2k-$5k | Not Defined | Official Fix | 0.00083 | 0.05 | CVE-2023-3824 |
| 20 | Zammad excessive authentication | 6.7 | 6.7 | $1k-$2k | $0-$1k | Not Defined | Not Defined | 0.00201 | 0.04 | CVE-2022-35490 |

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (15)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (73)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /EXCU_SHELL | predictive | Medium |
| 2 | File | /my_photo_gallery/image.php | predictive | High |
| 3 | File | /phppath/php | predictive | Medium |
| 4 | File | /real-estate-script/search_property.php | predictive | High |
| 5 | File | /reps/classes/Users.php?f=delete_agent | predictive | High |
| 6 | File | /uncpath/ | predictive | Medium |
| 7 | File | Admin/edit-admin.php | predictive | High |
| 8 | File | app/topic/action/admin/topic.php | predictive | High |
| 9 | File | category.asp | predictive | Medium |
| 70 | Input Value | ../ | predictive | Low |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
