Denonia Analysis

IOB - Indicator of Behavior (105)

Language

en: 28
pt: 18
it: 18
es: 10
ar: 8

Country

de: 106

Product

Serpico: 6
WordPress: 2
Automattic Jetpack: 2
CIMTechniques CIMScan: 2
Jason2605 AdminPanel: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Zoom Screen Sharing information disclosure | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00183 | CVE-2021-28133 |
| 2 | Serpico cross-site request forgery | 6.5 | 6.2 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00 | 0.00073 | CVE-2019-19854 |
| 3 | TopManage OLK Session Cookie cross-site scripting | 5.2 | 4.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00291 | CVE-2020-6845 |
| 4 | Serpico privilege escalation | 5.3 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00084 | CVE-2019-19859 |
| 5 | BACKCLICK Professional cross-site scripting | 4.8 | 4.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00063 | CVE-2022-44002 |
| 6 | Serpico Password Change information disclosure | 6.4 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00072 | CVE-2019-19857 |
| 7 | LabVantage LIMS Database Name information disclosure | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.03584 | CVE-2020-7959 |
| 8 | Serpico list_user Stored cross-site scripting | 3.6 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00050 | CVE-2019-19856 |
| 9 | CIMTechniques CIMScan SOAP WSDL Parser GetSqlData SQL injection | 8.4 | 8.4 | $0-$5k | $0-$5k | High | Not Defined | 0.00 | 0.00256 | CVE-2018-16803 |
| 10 | Serpico list_user Stored cross-site scripting | 3.6 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00050 | CVE-2019-19855 |
| 11 | Jason2605 AdminPanel editPlayer.php SQL injection | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00127 | CVE-2020-13433 |
| 12 | Serpico UID Stored cross-site scripting | 3.6 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00050 | CVE-2019-19858 |
| 13 | QuickBox Pro cross-site scripting | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00078 | CVE-2021-45281 |
| 14 | PHP Scripts Mall Citysearch Clone Script restaurants-details.php Reflected cross-site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00070 | CVE-2019-6248 |
| 15 | WordPress Thumbnail privilege escalation | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00990 | CVE-2018-1000773 |
| 16 | Automattic Jetpack SQL injection | 7.3 | 7.3 | $0-$5k | Calculating | High | Unavailable | 0.02 | 0.00064 | CVE-2011-4673 |
| 17 | Apache Tomcat Servlets privilege escalation | 5.9 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00119 | CVE-2018-1305 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 116.203.4.0 | static.0.4.203.116.clients.your-server.de | Denonia | | 07/04/2022 | verified | High |
| 2 | XXX.XXX.XX.XX | xxxxx.xxxx.xxxx.xx | Xxxxxxx | | 07/04/2022 | verified | High |
| 3 | XXX.XX.XXX.XX | x.xx.xxxxxxx.xxx | Xxxxxxx | | 07/04/2022 | verified | High |

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

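| ID | Category | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | admin/add_user/UID | predictive | High |
| 2 | File | admin/list_user | predictive | High |
| 3 | File | xxxxxxxxxxxxx.xxx?xxxxxxxxxx=xxx | predictive | High |
| 4 | File | xxxxxxxxxx.xxx | predictive | High |
| 5 | File | xxxxxxxxxxx-xxxxxxx.xxx | predictive | High |
| 6 | Argument | xxxxxx | predictive | Low |
| 7 | Argument | xxxx_xxxx | predictive | Medium |
| 8 | Argument | xxxxxx | predictive | Low |
| 9 | Argument | xx | predictive | Low |
| 10 | Argument | xxxx | predictive | Low |
| 11 | Argument | xxxx | predictive | Low |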

Sources (2)

The following list contains external sources which discuss the actor and the associated activities:
