TA410 Analysis

Activities

Timeline

The timeline analysis helps to identify the required approach for handling single vulnerabilities and vulnerability collections. The overview shows less important periods and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues can be prioritized.

Lang | Count
en | 149
zh | 5
fr | 4
ru | 4
de | 3

Country | Count
us | 66
cn | 29
ru | 7
ce | 5
tr | 3

Actors

Activities

Interest

Type

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need to unlock this view to get access to more details of the real data.

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE
1 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.58 | 0.04187 | CVE-2010-0966
2 | WordPress sql injection | 6.8 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.38 | 0.01034 | CVE-2022-21664
3 | VeronaLabs wp-statistics Plugin API Endpoint Blind sql injection | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00954 | CVE-2019-13275
4 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192
5 | Microsoft Windows Active Directory Domain Services Privilege Escalation | 8.8 | 8.1 | $100k and more | $0-$5k | Proof-of-Concept | Official Fix | 0.09 | 0.02288 | CVE-2022-26923
6 | QNAP QTS Media Library access control | 8.5 | 8.2 | $0-$5k | $0-$5k | High | Official Fix | 0.05 | 0.23043 | CVE-2017-13067
7 | Microsoft Exchange Server ProxyShell Remote Code Execution | 9.5 | 8.2 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.57 | 0.61804 | CVE-2021-34473
8 | Microsoft Exchange Server Privilege Escalation | 8.8 | 8.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.04 | 0.31667 | CVE-2021-42321
9 | Bitcoin Core bitcoin-qt wallet.dat Memory inadequate encryption | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.01018 | CVE-2019-15947
10 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.38 | 0.49183 | CVE-2016-6210
11 | Samurai Build File util.c canonpath out-of-bounds write | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2019-19795
12 | Phpsugar PHP Melody page_manager.php cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2017-15648
13 | Joomla CMS sql injection | 7.3 | 7.0 | $5k-$25k | $0-$5k | High | Official Fix | 0.24 | 0.93264 | CVE-2015-7297
14 | WordPress wp_die information disclosure | 4.5 | 4.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00890 | CVE-2021-39200
15 | wp-polls Plugin sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2015-9352
16 | WP Rocket Plugin path traversal | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00954 | CVE-2017-11658
17 | Netgear ProSafe VPN Firewall Web Interface denial of service | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00000 | 
18 | Siemens SIMATIC S7-410 Service Port 102 input validation | 7.5 | 7.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2018-16557
19 | ZyXEL USG FLEX 50 CGI Program os command injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.10 | 0.92833 | CVE-2022-30525
20 | QNAP QTS/QuTS cross site scripting | 4.8 | 4.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01055 | CVE-2020-2495

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (82)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /gena.cgi | predictive | Medium
2 | File | /MIME/INBOX-MM-1/ | predictive | High
3 | File | /netflow/jspui/editProfile.jsp | predictive | High
4 | File | /rapi/read_url | predictive | High
5 | File | /sec/content/sec_asa_users_local_db_add.html | predictive | High
6 | File | /see_more_details.php | predictive | High
7 | File | /wp-admin/admin-post.php?es_skip=1&option_name | predictive | High
8 | File | Application/Admin/Controller/ConfigController.class.php | predictive | High
9 | File | auth-gss2.c | predictive | Medium
10 | File | xxxxxx.xxx | predictive | Medium
11 | File | xxx-xxx/xxxxx_xxx_xxx | predictive | High
12 | File | xxxxxx/xxx.x | predictive | Medium
13 | File | xxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | High
14 | File | xxxxxxxxx.xxx.xxx | predictive | High
15 | File | xxxxx/xxxxx.xxx | predictive | High
16 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High
17 | File | xxxx_xxxxx.xxx | predictive | High
18 | File | xxxxx.xxx | predictive | Medium
19 | File | xxxxxx.xxx | predictive | Medium
20 | File | xx/xx-xx.x | predictive | Medium
21 | File | xxx/xxxx_xxxx.x | predictive | High
22 | File | xxxx_xxxxxx.x | predictive | High
23 | File | xxxx/xxxxxxx.x | predictive | High
24 | File | xxx/xxxxxx.xxx | predictive | High
25 | File | xxx/xxxxxxxxxxx/xxxxxxx.xxx | predictive | High
26 | File | xxxxxxxx/xxxxx-xxxxxx-xxxx-xxxxxxx.xxx | predictive | High
27 | File | xxxxx.xxx | predictive | Medium
28 | File | xxxxx.xxx?x=xxxxx&x=xxxxx&x=xxxxx | predictive | High
29 | File | xxxxx.xxx?xxx=xxxx&xxx=xxxxxxxx | predictive | High
30 | File | xxxxxxxxxx.xxx | predictive | High
31 | File | xxxxxx_xxxx_xxxxxxx.xxx | predictive | High
32 | File | xxxx/xxxxxxxxx/xxxxxx/xxxxxxxxxxxxxxxxxxxxx.xxx | predictive | High
33 | File | xxxx.x | predictive | Low
34 | File | xxx/xxx.xxx | predictive | Medium
35 | File | xxx/xxxxx.xxxx | predictive | High
36 | File | xxxx_xxxxxxx.xxx | predictive | High
37 | File | xxx%xx.xxx | predictive | Medium
38 | File | xxxxxx.x | predictive | Medium
39 | File | xxxx.xxx | predictive | Medium
40 | File | xxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][] | predictive | High
41 | File | xxxxxxxx.xxx | predictive | Medium
42 | File | xxxx.xxx | predictive | Medium
43 | File | xxxxx/xxxxx.xxx | predictive | High
44 | File | xxxxxxxx.xxx | predictive | Medium
45 | File | xxxx-xxxxxxxx.xxx | predictive | High
46 | File | xxxx.x | predictive | Low
47 | File | xxxxxxxxxx | predictive | Medium
48 | File | xxxxxxx/xxxxx.xxx | predictive | High
49 | File | xxxxxx.xxx | predictive | Medium
50 | File | xxx/xxxxxx/xxx/xxxxxxxxx.xxx | predictive | High
51 | Library | xxxxx.xxx | predictive | Medium
52 | Argument | xxxxxx_xxxx | predictive | Medium
53 | Argument | xxxxxxxx | predictive | Medium
54 | Argument | xxx | predictive | Low
55 | Argument | xxxxxxxxxxxxxxxxx | predictive | High
56 | Argument | xxxxxx_xx | predictive | Medium
57 | Argument | xxxx | predictive | Low
58 | Argument | xxxxxx | predictive | Low
59 | Argument | xx | predictive | Low
60 | Argument | xxxxx_xxxx | predictive | Medium
61 | Argument | xxx | predictive | Low
62 | Argument | xxxxxxx | predictive | Low
63 | Argument | xxxx/xxx_xxxxxxxxx | predictive | High
64 | Argument | xxxx_xxxxx | predictive | Medium
65 | Argument | xxxxxxxx | predictive | Medium
66 | Argument | xxxx_xxxx | predictive | Medium
67 | Argument | xx | predictive | Low
68 | Argument | xxxxxxxxxx | predictive | Medium
69 | Argument | xxxx_xxxxxx | predictive | Medium
70 | Argument | xxxx_xx | predictive | Low
71 | Argument | xxxxxxxx_xxxxxxxx | predictive | High
72 | Argument | xxx_xxxx[x][] | predictive | High
73 | Argument | xxxxxxxxxxxxxxxxxxxxx | predictive | High
74 | Argument | xxx | predictive | Low
75 | Argument | xxxx | predictive | Low
76 | Argument | xxxxxxxx | predictive | Medium
77 | Argument | xxxx/xx/xxxx/xxx | predictive | High
78 | Input Value | .%xx.../.%xx.../ | predictive | High
79 | Input Value | xxxxxxxxxx | predictive | Medium
80 | Network Port | xxxx xxxx | predictive | Medium
81 | Network Port | xxx/xxx | predictive | Low
82 | Network Port | xxx/xxx | predictive | Low

References (2)

The following list contains external sources which discuss the actor and the associated activities:
