YaBucks Analysis

IOB - Indicator of Behavior (136)

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance, so that immediate vulnerability response can be initiated and issues can be prioritized.

Lang

en: 93
fr: 26
de: 16
pl: 1

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE
1 | Jalios JCMS ajaxPortal.jsp cross site scripting | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.01018 | CVE-2020-15497
2 | Microsoft Internet Explorer CORS privileges management | 5.3 | 4.8 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00000 | 
3 | HashiCorp Vault/Vault Enterprise access control | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.06 | 0.00954 | CVE-2022-36129
4 | Blue Prism Enterprise access control | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00890 | CVE-2022-36117
5 | Oracle WebLogic Server Centralized Third Party Jars path traversal | 9.0 | 8.9 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.09 | 0.01018 | CVE-2022-23457
6 | Oracle Middleware Common Libraries and Tools Third Party Patch input validation | 9.8 | 9.6 | $25k-$100k | $25k-$100k | Not Defined | Official Fix | 0.06 | 0.00954 | CVE-2021-42575
7 | Pexip Infinity Epic Telehealth denial of service | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01055 | CVE-2022-27935
8 | Pexip Infinity H.264 resource consumption | 5.9 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01055 | CVE-2022-27937
9 | dbus-broker Exec Line Parser stack-based overflow | 6.5 | 6.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00885 | CVE-2022-31212
10 | lemonldap-ng x.509 Certificate NG certificate validation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00885 | CVE-2020-16093
11 | OrientDB Server Community Edition Studio cross-site request forgery | 8.8 | 8.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.01055 | CVE-2015-2912
12 | OrientDB Server Community Edition Studio OHttpSessionManager.java information disclosure | 6.6 | 6.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01055 | CVE-2015-2913
13 | Apple iOS OpenGL memory corruption | 7.3 | 7.0 | $100k and more | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.02890 | CVE-2015-5924
14 | LibreHealth EHR Base patient_match_dialog.php cross site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00954 | CVE-2022-31498
15 | IBM Spectrum Protect Plus Virgo Log File log file | 4.7 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00885 | CVE-2022-22396
16 | HID Mercury LP1501/LP1502/LP2500/LP4502/EP4502 Update buffer overflow | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01086 | CVE-2022-31481
17 | Pallets Werkzeug HTTP Request Parser request smuggling | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00885 | CVE-2022-29361
18 | Apache HTTP Server mod_log_config.c log_cookie input validation | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.05 | 0.07344 | CVE-2014-0098
19 | Oracle Database Server unknown vulnerability | 4.3 | 4.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.05 | 0.01132 | CVE-2009-1971
20 | Cisco ASA SQL*Net Inspection Engine sql injection | 7.5 | 6.5 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.00 | 0.01055 | CVE-2014-3382

IOC - Indicator of Compromise (96)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (39)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.


References (2)

The following list contains external sources which discuss the actor and the associated activities:
