Winwebsec Analysis

IOB - Indicator of Behavior (140)

Lang

en: 116
zh: 18
de: 4
es: 2

Country

ms: 140

Product

phpMyAdmin: 6
Cacti: 4
Microsoft Exchange Server: 4
Microsoft ASP.NET Core: 4
Joomla CMS: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | vTiger CRM sql injection | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00890 | CVE-2019-11057 |
| 2 | Microsoft Exchange Server ProxyShell Remote Code Execution | 9.5 | 8.2 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.12 | 0.61804 | CVE-2021-34473 |
| 3 | WordPress WP_Query class-wp-query.php sql injection | 8.5 | 8.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.06 | 0.01974 | CVE-2017-5611 |
| 4 | Apache Solr ResourceLoader path traversal | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.03384 | CVE-2013-6397 |
| 5 | ThinkPHP input validation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.84749 | CVE-2019-9082 |
| 6 | Mailman input validation | 6.5 | 6.2 | $0-$5k | Calculating | Not Defined | Official Fix | 0.01 | 0.01018 | CVE-2018-13796 |
| 7 | Pivotal RabbitMQ password access control | 7.7 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01018 | CVE-2016-9877 |
| 8 | phpThumb Default Configuration server-side request forgery | 5.3 | 5.1 | $0-$5k | Calculating | Not Defined | Official Fix | 0.03 | 0.01055 | CVE-2013-6919 |
| 9 | phpThumb phpThumb.demo.showpic.php cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.01055 | CVE-2016-10508 |
| 10 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.04 | 0.04187 | CVE-2007-1192 |
| 11 | XenForo privileges management | 8.6 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00000 | |
| 12 | Cacti graph_settings.php code injection | 7.3 | 7.3 | $0-$5k | Calculating | Not Defined | Not Defined | 0.04 | 0.01408 | CVE-2014-5261 |
| 13 | crewjam saml signature verification | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.01108 | CVE-2020-27846 |
| 14 | VestaCP user.conf permission | 4.6 | 4.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.00885 | CVE-2021-30463 |
| 15 | MobileIron Core/Connector improper authentication | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.01055 | CVE-2020-15506 |
| 16 | IceWarp Mail Server css.php path traversal | 6.4 | 5.5 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.08382 | CVE-2015-1503 |
| 17 | Cisco Expressway-C/TelePresence VCS certificate validation | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00000 | CVE-2022-20814 |
| 18 | Car Driving School Management System Login Page sql injection | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00954 | CVE-2022-24571 |
| 19 | Car Driving School Management System User Enrollment Form cross site scripting | 2.4 | 2.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00885 | CVE-2022-24572 |
| 20 | Car Driving School Management System sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.00885 | CVE-2022-28413 |

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (82)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /cdsms/classes/Master.php?f=delete_enrollment | predictive | High |
| 2 | File | /mifs/c/i/reg/reg.html | predictive | High |
| 3 | File | /server-info | predictive | Medium |
| 4 | File | /wp-json/oembed/1.0/embed?url | predictive | High |
| 5 | File | a2billing/customer/iridium_threed.php | predictive | High |
| 6 | File | admin.php?s=/Channel/add.html | predictive | High |
| 7 | File | admin/class-bulk-editor-list-table.php | predictive | High |
| 8 | File | administrator/components/com_media/helpers/media.php | predictive | High |
| 9 | File | auth.asp | predictive | Medium |

References (5)

The following list contains external sources which discuss the actor and the associated activities:
