South Asia Unknown Analysis

Activities

Timeline

Analyzing the timeline helps identify the approach needed to handle individual vulnerabilities and collections of vulnerabilities. The overview shows less important slices and more severe hotspots at a glance, which makes it possible to initiate an immediate vulnerability response and to prioritize issues.

Lang

en: 55
ja: 2
de: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 1.12 | CVE-2017-0055 |
| 3 | ThinkSAAS topic.php sql injection | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | CVE-2020-35337 |
| 4 | Chaussette Event_for_month.php privileges management | 5.3 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | CVE-2006-4159 |
| 5 | Google Chrome errorEventSender ImageLoader.cpp memory corruption | 10.0 | 9.0 | $100k and more | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | |
| 6 | Smartisoft phpBazar classified_right.php file inclusion | 6.5 | 6.2 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00 | CVE-2006-2528 |
| 7 | ZTE ZXHN Z500/ZXHN F670L Rule Configuration input validation | 4.5 | 4.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2020-6879 |
| 8 | MidiCart PHP Shopping Cart item_show.php sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | |
| 9 | Cisco Linksys EA2700 URL information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | 0.00 | |
| 10 | WordPress Post Slug cross site scripting | 5.2 | 4.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2020-28038 |
| 11 | WordPress Installation functions.php is_blog_installed access control | 8.0 | 7.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2020-28037 |
| 12 | SaltStack Salt eauth Token session expiration | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2021-3144 |
| 13 | JetBrains Ktor HTTP Request request smuggling | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | CVE-2021-25762 |
| 14 | ProFTPD mod_tls cryptographic issues | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2009-3639 |
| 15 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.31 | CVE-2016-6210 |
| 16 | nginx URI String access control | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2013-4547 |
| 17 | Aruba Instant Web Interface Core Dump information disclosure | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2018-7083 |
| 18 | Aruba ClearPass API xml external entity reference | 7.7 | 7.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2018-7063 |
| 19 | D-Link DIR-615 Web Interface Form2File.htm cross-site request forgery | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-7404 |
| 20 | MediaWiki Protection Mechanism redirect | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-19709 |

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (4)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (38)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

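| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /phppath/php | predictive | Medium |
| 2 | File | /uncpath/ | predictive | Medium |
| 3 | File | app/topic/action/admin/topic.php | predictive | High |
| 4 | File | category.php | predictive | Medium |
| 5 | File | classified_right.php | predictive | High |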
