Vidar Analysis

IOB - Indicator of Behavior (22)

Timeline

The data in the charts of this section (Timeline, Lang, Country, Actors, Activities, Interest, Type, Vendor and Product) does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view and get access to the real data.

Lang

en (20)
fr (2)

Country

us (14)
cn (8)

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Citrix Application Delivery Controller (2)
Citrix Gateway (2)
LANDesk Management Suite (2)
Apache Tapestry (2)
Exim (2)

Vulnerabilities

Legend: Base and Temp are the CVSS base and temporal scores; 0day and Today are the estimated exploit prices at disclosure and now; Exp is the exploitability status; Rem the remediation status; CTI the vendor's CTI interest score; EPSS the EPSS probability of exploitation in the wild.

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE
1 | Netgear SRX5308 sql injection | 7.4 | 7.4 | $5k-$25k | $5k-$25k | High | Not Defined | 0.03 | 0.00885 | CVE-2019-17049
2 | Open Webmail information disclosure | 3.3 | 3.3 | $0-$5k | Calculating | Not Defined | Workaround | 0.00 | 0.00000 | -
3 | Exim Alias List host.c host_name_lookup heap-based overflow | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.01108 | CVE-2022-37452
4 | Apache Tapestry deserialization | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.06 | 0.00954 | CVE-2022-46366
5 | Atlassian Bitbucket Server and Data Center Environment Variable command injection | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01440 | CVE-2022-43781
6 | Ametys CMS auto-completion Plugin en.xml information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.12965 | CVE-2022-26159
7 | Exim EHLO Command string.c string_vformat buffer overflow | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.10667 | CVE-2019-16928
8 | D-Link DCS-936L info.cgi information disclosure | 6.4 | 6.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.03 | 0.00885 | CVE-2018-18441
9 | Citrix Application Delivery Controller/Gateway path traversal | 8.5 | 8.2 | $25k-$100k | $0-$5k | High | Official Fix | 0.01 | 0.95611 | CVE-2019-19781
10 | IBM Marketing Platform Header information disclosure | 4.3 | 4.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00890 | CVE-2017-1107
11 | LANDesk Management Suite Admin Interface sm_actionfrm.asp input validation | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01132 | CVE-2014-5362
12 | WordPress information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01213 | CVE-2013-2202
13 | Apache Tomcat Bug Fix 61201 security check | 6.3 | 6.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.05242 | CVE-2017-15706
14 | Yiiframework code injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01055 | CVE-2014-4672
15 | AsusWRT web.c do_vpnupload_post config | 8.5 | 8.2 | $0-$5k | $0-$5k | High | Official Fix | 0.03 | 0.01018 | CVE-2018-6000
16 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.01974 | CVE-2017-5611
17 | Rocklobster Contact Form 7 access control | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01213 | CVE-2014-2265
18 | Linux Kernel inet_connection_sock.c inet_csk_clone_lock double free | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.04804 | CVE-2017-8890

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CWE-22 | Pathname Traversal | predictive | High
2 | T1059 | CWE-94 | Cross Site Scripting | predictive | High

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /common/info.cgi | predictive | High
2 | File | host.c | predictive | Low
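The TTP and IOA tables above only become useful once they are matched against traffic. As an added example (not code from this page or from the vendor's product), the following Python pass takes the one unmasked, web-relevant IOA file fragment (/common/info.cgi, the D-Link DCS-936L info.cgi disclosure in the vulnerability table) together with the CWE-22 pathname traversal technique from the TTP table and runs them over web-server access logs. The log lines are constructed for the example; the combined-log regex, the function names, the decoding depth and the reason labels are assumptions, not anything the page defines.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Unmasked IOA file fragment from the table above. "host.c" (the second row,
# confidence Low) is an Exim source-file name and never appears as an HTTP
# path, so it is deliberately left out of the web-log check.
IOA_FILES = ("/common/info.cgi",)

# Combined-log-format parser. The format and field names are assumptions for
# this example; adjust the regex to the log format your servers actually write.
COMBINED_LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample lines (not real traffic): an IOA hit, a plain traversal,
# a benign request, a double-encoded traversal, and an IOA hit whose query
# string also carries a traversal sequence.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Jan/2023:10:00:01 +0000] "GET /common/info.cgi HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jan/2023:10:00:02 +0000] "GET /cgi-bin/../../etc/passwd HTTP/1.1" 404 0 "-" "curl/7.64.1"
198.51.100.2 - - [10/Jan/2023:10:00:03 +0000] "GET /index.html HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Jan/2023:10:00:04 +0000] "GET /images/..%252f..%252fetc/passwd HTTP/1.1" 404 0 "-" "python-requests/2.28.1"
203.0.113.7 - - [10/Jan/2023:10:00:05 +0000] "GET /common/info.cgi?action=..%2f HTTP/1.1" 200 512 "-" "curl/7.64.1"
"""


def decode(value):
    """Percent-decode up to three times so that double-encoded sequences such
    as %252e%252e%252f end up as '../', then fold backslashes to slashes."""
    for _ in range(3):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value.replace("\\", "/")


def normalize_path(target):
    """Path component of the request target, decoded (query string dropped)."""
    return decode(urlsplit(target).path)


def has_traversal(path):
    """CWE-22 check: a whole '..' segment anywhere in the decoded value.
    Matching segments rather than the substring '..' avoids flagging
    legitimate names like '/a/..b/c'."""
    return any(segment == ".." for segment in path.split("/"))


def traversal_in_query(target):
    """Same CWE-22 check applied to every query-string value; this is where
    the page's Argument-class IOAs (masked above) would normally be matched."""
    pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    return any(has_traversal(decode(value)) for _, value in pairs)


def matches_ioa_file(path):
    return any(path.endswith(fragment) for fragment in IOA_FILES)


def classify(line):
    """Return a hit dict for a suspicious request, or None for clean/unparsable lines."""
    m = COMBINED_LOG_RE.match(line)
    if m is None:
        return None
    path = normalize_path(m["target"])
    reasons = []
    if matches_ioa_file(path):
        reasons.append("ioa-file")
    if has_traversal(path):
        reasons.append("cwe-22-traversal")
    if traversal_in_query(m["target"]):
        reasons.append("cwe-22-traversal-arg")
    if not reasons:
        return None
    return {"ip": m["ip"], "path": path, "status": int(m["status"]), "reasons": reasons}


def scan(log_text):
    """Run classify() over every line and keep the hits, in log order."""
    return [hit for hit in (classify(line) for line in log_text.splitlines()) if hit]


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Two points matter in practice. Decoding is bounded and repeated so that a single-encoded filter is not bypassed by `%252f`, and the `..` test looks at whole path segments, which keeps the false-positive rate down on real logs. A 404 on a traversal attempt is still worth keeping: the page's TTP rows are predictive, and repeated failed probes from one source are the reconnaissance signal the IOA paragraph describes.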

References (5)

The following list contains external sources which discuss the actor and the associated activities: