SpeakUp Analysis

Activities

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues can be prioritized.

[Chart panels: Lang (en 96, fr 2, zh 1, de 1, pl 1); Country; Actors; Activities; Interest; Type]

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need to unlock this view to get access to more details of real data.

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | Rittal PDU-3C002DEC/CMCIII-PU-9333E0FB os command injection | 7.5 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2020-11953 |
| 3 | Google Go IP Address net.ParseCIDR access control | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | CVE-2021-29923 |
| 4 | Camunda Modeler IPC Message writeFile state issue | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2021-28154 |
| 5 | cocoapods-downloader argument injection | 6.8 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2022-21223 |
| 6 | Deno privileges management | 8.6 | 8.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | CVE-2022-24783 |
| 7 | Rockwell Automation ISaGRAF Runtime credentials storage | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2020-25184 |
| 8 | Cost Calculator Plugin Cost Calculator Post's Layout path traversal | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | CVE-2021-24820 |
| 9 | Zabbix SAML authentication spoofing | 8.2 | 8.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2022-23131 |
| 10 | Shared Groovy Libraries Plugin protection mechanism | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2022-25183 |
| 11 | Sangoma Corporation Switchvox access control | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | CVE-2021-45310 |
| 12 | Samsung Smartphone Edge Panel information disclosure | 2.7 | 2.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2022-24001 |
| 13 | perM strncpy buffer overflow | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2021-38172 |
| 14 | Advanced Cron Manager Plugin access control | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-25084 |
| 15 | Sealevel SeaConnect 370W MQTT URL_decode out-of-bounds write | 5.7 | 5.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-21971 |
| 16 | Tenda G1/G3 formDelDhcpRule stack-based overflow | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | CVE-2021-45994 |
| 17 | Insyde InsydeH2O SMM Privilege Escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-43615 |
| 18 | Signiant Manager+Agents xml external entity reference | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | CVE-2021-46660 |
| 19 | Document Embedder Plugin AJAX Action information disclosure | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | CVE-2021-24868 |
| 20 | Reolink RLC-410W JSON Command Parser cgiserver.cgi denial of service | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2021-44397 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
| 3 | TXXXX | CWE-XXX | 7xx Xxxxxxxx Xxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxxxx | predictive | High |
| 5 | TXXXX.XXX | CWE-XXX | Xxxxxxx Xxxxxxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XXX | Xxxxxxxxxx Xxxxxxx Xx Xxxxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxxxxx Xxxxxx | predictive | High |

IOA - Indicator of Attack (34)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
