Western Sahara Unknown Analysis

IOB - Indicator of Behavior (14)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

Lang

en9
fr4
de1

Country

Actors

Activities

Interest

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemCTIEPSSCVE
1Microsoft Windows Multimedia Library winmm.dll memory corruption10.09.5$100k and more$0-$5kHighOfficial Fix0.030.92021CVE-2012-0003
2ZTE ZXHN H108N information disclosure6.46.4$0-$5k$0-$5kNot DefinedNot Defined0.030.00885CVE-2019-3420
3Django defaulttags.py path traversal7.36.6$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.030.01319CVE-2013-4315
4SquirrelMail PHP Interface webmail.php improper authentication6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.040.01649CVE-2009-0030
5Softbiz FAQ Script add_comment.php sql injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000.02800CVE-2005-3938
6SonicWALL AntiSpam / EMail Security Appliance MTA Queue Report Module reports_mta_queue_status.html cross site scripting8.07.6$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00000
7Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure5.35.2$5k-$25k$0-$5kHighWorkaround0.040.04187CVE-2007-1192
8Wordpress wp-trackback.php sql injection7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.01136CVE-2005-1687
9Joomla CMS sql injection7.36.9$5k-$25k$0-$5kProof-of-ConceptNot Defined0.030.00986CVE-2013-1453
10Joomla CMS File Upload media.php input validation6.36.0$5k-$25k$0-$5kHighOfficial Fix0.090.85088CVE-2013-5576
11Joomla CMS HTTP Header input validation7.37.0$5k-$25k$0-$5kHighOfficial Fix0.030.93861CVE-2015-8562
12WordPress Widget Title cross-site request forgery4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.01776CVE-2015-5731
13SoftMaker FlexiPDF Installer Library privileges management5.35.1$0-$5k$0-$5kNot DefinedUnavailable0.070.00000
14XenForo privileges management8.67.9$0-$5k$0-$5kNot DefinedOfficial Fix0.040.00000

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilitiesAccess VectorTypeConfidence
1T1006CWE-22Pathname TraversalpredictiveHigh
2TXXXX.XXXCWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
3TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
4TXXXXCWE-XXXxx XxxxxxxxxpredictiveHigh
5TXXXXCWE-XXXXxxxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (15)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1Fileadd_comment.phppredictiveHigh
2Fileadministrator/components/com_media/helpers/media.phppredictiveHigh
3Filedata/gbconfiguration.datpredictiveHigh
4Filexxxxxxx_xxx_xxxxx_xxxxxx.xxxxpredictiveHigh
5Filexxxxxxxx/xxxxxxxxxxx.xxpredictiveHigh
6Filexxxxxxx.xxxpredictiveMedium
7Filexx-xxxxxxxxx.xxxpredictiveHigh
8Libraryxxxxx.xxxpredictiveMedium
9Argumentxxxxxxx_xxxxxxx_xxxxxpredictiveHigh
10ArgumentxxxxxxxxxpredictiveMedium
11ArgumentxxxxxxxxpredictiveMedium
12ArgumentxxpredictiveLow
13Argumentxx_xxpredictiveLow
14Argumentxxxx-xxxxxpredictiveMedium
15Input Value../predictiveLow

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Do you need the next level of professionalism?

Upgrade your account now!