TunnelVision Analysis

Activities

Timeline

Analyzing the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues prioritized.

Lang

en: 37
fr: 2
pl: 1
it: 1

Country

us: 29
mx: 7
gb: 4
br: 1

Actors

TunnelVision: 41

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.05 | CVE-2007-1192 |
| 2 | SAP NetWeaver MigrationService improper authorization | 9.2 | 9.2 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.05 | CVE-2021-21481 |
| 3 | WordPress cross site scripting | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.34 | CVE-2022-21662 |
| 4 | WordPress WP_Query sql injection | 6.3 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.11 | CVE-2022-21661 |
| 5 | DZCP deV!L`z Clanportal config.php code injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.36 | CVE-2010-0966 |
| 6 | Microsoft Windows RDP authorization | 8.8 | 7.7 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.05 | CVE-2021-1669 |
| 7 | WordPress wp-publications Plugin Archive bibtexbrowser.php path traversal | 7.8 | 7.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2021-38360 |
| 8 | phpBB viewtopic.php sql injection | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | CVE-2003-0486 |
| 9 | PbootCMS cross-site request forgery | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | CVE-2019-7570 |
| 10 | CScms save cross-site request forgery | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | CVE-2018-16448 |
| 11 | Itechscripts iTechBids detail.php sql injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | CVE-2008-0776 |
| 12 | Five Star Review Script recommend.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Not Defined | 0.06 | CVE-2008-3780 |
| 13 | Maran PHP Shop prod.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Not Defined | 0.04 | CVE-2008-4879 |
| 14 | D-Link DNR-320L/DNS-320LW/DNR-322L/DNR-326/DNS-327L HTTP Header login_mgr.cgi memory corruption | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | CVE-2014-7859 |
| 15 | FtrainSoft Fast Click show.php file inclusion | 6.5 | 6.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | CVE-2006-2175 |
| 16 | Gespage Admin Panel user_reg.jsp cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-7998 |
| 17 | McAfee Data Loss Prevention MySQL Statement sql injection | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | |
| 18 | AVTECH IP Camera/NVR/DVR Config.cgi privileges management | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | |
| 19 | Oracle GlassFish Server Java Server Faces access control | 3.1 | 3.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | CVE-2017-3626 |
| 20 | PHP Safe Mode privileges management | 9.8 | 8.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | CVE-2004-1063 |

IOC - Indicator of Compromise (7)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (27)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Confidence |
|---|---|---|---|
| 1 | File | /cgi-bin/user/Config.cgi | High |
| 2 | File | /etc/sudoers | Medium |
| 3 | File | admin.php/User/del/ucode/ | High |
| 4 | File | data/gbconfiguration.dat | High |
| 5 | File | xxxxxx.xxx | Medium |
| 6 | File | xxx/xxxxxx.xxx | High |
| 7 | File | xxxxx_xxx.xxx | High |
| 8 | File | xxxx.xxx | Medium |
| 9 | File | xxxxxxxxx.xxx | High |
| 10 | File | xxxx.xxx | Medium |
| 11 | File | xxxxxx/xxxxx.xxx/xxxx/xxxx | High |
| 12 | File | xxxxxxxxx.xxx | High |
| 13 | File | xxxxxx/xxxxx/xxxx_xxx.xxx | High |
| 14 | File | ~/xxxxxxxxxxxxx.xxx | High |
| 15 | File | ~/xxxxxxxx/xxxxxxx/xxxxx-xxxx-xxxxxxx.xxx | High |
| 16 | Argument | xxxxxxxx | Medium |
| 17 | Argument | xxx | Low |
| 18 | Argument | xxxx/xxxxxxx | Medium |
| 19 | Argument | xxxx_xx | Low |
| 20 | Argument | xxxxxxxx | Medium |
| 21 | Argument | xxxx | Low |
| 22 | Argument | x_xxxx | Low |
| 23 | Argument | xxxxx_xx | Medium |
| 24 | Argument | xxxxxxxx | Medium |
| 25 | Input Value | xxxxxx=xxx&xxxxxxxx=xxxxxxx.* | High |
| 26 | Input Value | xxxxx | Low |
| 27 | Input Value | xxxxxxxxx xxxxx | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
