Get2 Analysis

IOB - Indicator of Behavior (47)

Language

- en: 40
- ko: 6
- fr: 2

Country

- us: 26
- kr: 12
- my: 8
- cn: 2

Product

- Linux Kernel: 6
- WordPress WP Support Plus Responsive Ticket System: 2
- Macromedia Flash Player: 2
- Coppermine Photo Gallery: 2
- OSSEC Web UI: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Image Uploader/Browser plugin Pathname pluginconfig.php privilege escalation | 9.8 | 9.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00697 | 0.03 | CVE-2019-19502 |
| 2 | Linux Kernel XFS xfs_ioctl.c xfs_ioc_space memory corruption | 4.9 | 4.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2021-4155 |
| 3 | jquery.json-viewer library JSON Object privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00061 | 0.00 | CVE-2022-30241 |
| 4 | Juniper Web Device Manager Authentication weak authentication | 9.8 | 9.0 | $5k-$25k | $0-$5k | Proof-of-Concept | Workaround | 0.00000 | 0.06 | |
| 5 | Microsoft Windows Kernel Cryptography Driver cng.sys CfgAdtpFormatPropertyBlock memory corruption | 7.9 | 7.9 | $25k-$100k | $25k-$100k | High | Official Fix | 0.14304 | 0.00 | CVE-2020-17087 |
| 6 | Dropbear SSH Server Login Format String | 9.8 | 9.4 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.00000 | 0.04 | |
| 7 | Goodtech FTP Server Connection denial of service | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Workaround | 0.00671 | 0.00 | CVE-2001-0188 |
| 8 | OSSEC Web UI search.php cross-site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00131 | 0.03 | CVE-2016-4847 |
| 9 | Kong Insomnia Environment Variable privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00065 | 0.04 | CVE-2023-40299 |
| 10 | Nokia NetAct Performance Manager Page XML External Entity | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00116 | 0.00 | CVE-2023-26058 |
| 11 | Linux Kernel XFS Local Privilege Escalation | 8.4 | 7.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00042 | 0.00 | CVE-2015-0274 |
| 12 | V-EVA Press Release Script page.php SQL injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.00187 | 0.04 | CVE-2010-5047 |
| 13 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01075 | 6.41 | CVE-2006-6168 |
| 14 | Microsoft Windows Remote Desktop Protocol information disclosure | 5.8 | 5.3 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.03056 | 0.00 | CVE-2022-22015 |
| 15 | Tobesoft NEXACRO17 File Creation copy privilege escalation | 8.4 | 8.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00528 | 0.00 | CVE-2021-26612 |
| 16 | Online Book Store admin_add.php privilege escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03533 | 0.00 | CVE-2020-19113 |
| 17 | VMware Workspace one UEM Console privilege escalation | 5.9 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.75820 | 0.00 | CVE-2021-22054 |
| 18 | lighttpd Log File mod_mysql_vhost.c privilege escalation | 6.4 | 6.0 | $0-$5k | $0-$5k | Unproven | Official Fix | 0.01123 | 0.03 | CVE-2015-3200 |
| 19 | lighttpd Log File http_auth.c privilege escalation | 7.5 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.01123 | 0.00 | CVE-2015-3200 |
| 20 | ShopXO phar File privilege escalation | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00488 | 0.00 | CVE-2021-27817 |

IOC - Indicator of Compromise (81)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | TXXXX | CAPEC-242 | CWE-XX | Xxxxxxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX.XXX | CAPEC-209 | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CAPEC-122 | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 6 | TXXXX.XXX | CAPEC-191 | CWE-XXX | Xxxx-xxxxx Xxxxxxxxxxx | predictive | High |
| 7 | TXXXX.XXX | CAPEC-178 | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 8 | TXXXX | CAPEC-108 | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 9 | TXXXX | CAPEC-116 | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 10 | TXXXX.XXX | CAPEC-1 | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (20)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /tmp | predictive | Low |
| 2 | File | admin.php | predictive | Medium |
| 3 | File | admin_add.php | predictive | High |
| 4 | File | xxx.xxx | predictive | Low |
| 5 | File | xxxxxxx/xxxxxxx/xxxxxxx/xx_xxxxx/xxxxx.xxx | predictive | High |
| 6 | File | xxxxxxx/xxx/xxxx/xxxxxx.x | predictive | High |
| 7 | File | xxxx_xxxx.x | predictive | Medium |
| 8 | File | xxx/xxxxxx.xxx | predictive | High |
| 9 | File | xxx_xxxxx_xxxxx.x | predictive | High |
| 10 | File | xxxx.xxx | predictive | Medium |
| 11 | File | xxxxxxxxxxxxxx.xxx | predictive | High |
| 12 | File | xxxxxxxxxxxx.xxx | predictive | High |
| 13 | File | xxxx/xxxxxx.xxx | predictive | High |
| 14 | File | xxxx-xxxxxxxx.xxx | predictive | High |
| 15 | File | xxx/xxx_xxxxx.x | predictive | High |
| 16 | Library | xxxxxxxxx.xxx | predictive | High |
| 17 | Argument | xxxxxxxx | predictive | Medium |
| 18 | Argument | xxxxxx | predictive | Low |
| 19 | Argument | xxxx_xxxxxx_xxxxxxxxx | predictive | High |
| 20 | Argument | xx | predictive | Low |

Sources (2)

The following list contains external sources which discuss the actor and the associated activities:
