Sector Education

Timeframe: -28 days

Default Categories (58): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Backup Software, Blog Software, Calendar Software, Chat Software, Cloud Software, Communications System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Firewall Software, Groupware Software, Hardware Driver Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Learning Management Software, Library Management System Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Spreadsheet Software, SSH Server Software, Survey Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel: 174
Apple macOS: 82
Foxit PDF Reader: 42
Apple tvOS: 34
Microsoft Windows: 30

Remediation

Official Fix: 530
Temporary Fix: 0
Workaround: 2
Unavailable: 0
Not Defined: 128

Exploitability

High: 0
Functional: 0
Proof-of-Concept: 20
Unproven: 36
Not Defined: 604

Access Vector

Not Defined: 0
Physical: 6
Local: 142
Adjacent: 228
Network: 284

Authentication

Not Defined: 0
High: 30
Low: 402
None: 228

User Interaction

Not Defined: 0
Required: 178
None: 482

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 24
≤4: 66
≤5: 108
≤6: 236
≤7: 128
≤8: 68
≤9: 24
≤10: 6

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 28
≤4: 66
≤5: 108
≤6: 312
≤7: 78
≤8: 48
≤9: 14
≤10: 6

VulDB

≤1: 0
≤2: 2
≤3: 30
≤4: 76
≤5: 116
≤6: 220
≤7: 122
≤8: 66
≤9: 24
≤10: 4

NVD

≤1: 660
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 530
≤2: 0
≤3: 2
≤4: 6
≤5: 10
≤6: 22
≤7: 24
≤8: 38
≤9: 14
≤10: 14

Vendor

≤1: 620
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 8
≤7: 4
≤8: 16
≤9: 12
≤10: 0

Exploit 0-day

<1k: 40
<2k: 198
<5k: 82
<10k: 196
<25k: 96
<50k: 32
<100k: 16
≥100k: 0

Exploit Today

<1k: 278
<2k: 176
<5k: 122
<10k: 50
<25k: 34
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 794
zh: 76
de: 38
fr: 16
es: 16

Country

cn: 184
us: 118
de: 42
gb: 22
it: 20

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Linux Kernel: 36
Apple macOS: 30
Foxit PDF Reader: 14
Google Chrome: 8
code-projects Online Book System: 6

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Zimbra zm-admin-ajax Form Textbox Field Error XFormItem.js XFormItem.prototype.setError cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 4.09 | 0.00000 | CVE-2017-20191 |
| 2 | Integrate Google Drive Plugin Setting privilege escalation | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.68 | 0.00043 | CVE-2024-2086 |
| 3 | code-projects Online Book System index.php SQL injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.47 | 0.00045 | CVE-2024-3000 |
| 4 | D-Link DIR-3040us A1 FTP Server memory corruption | 7.3 | 7.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00045 | CVE-2024-27619 |
| 5 | code-projects Online Book System description.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.10 | 0.00045 | CVE-2024-3002 |
| 6 | xzs-mysql weak authentication | 3.7 | 3.6 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.63 | 0.00043 | CVE-2024-29401 |
| 7 | SourceCodester Online Chatting System update_room.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.10 | 0.00045 | CVE-2024-2932 |
| 8 | code-projects Online Book System Product.php cross-site scripting | 3.5 | 3.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.21 | 0.00045 | CVE-2024-3004 |
| 9 | All In One WP Security & Firewall Plugin cross-site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.37 | 0.00043 | CVE-2024-30468 |
| 10 | IBM Security Verify Access Docker Snapshot weak encryption | 4.7 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.54- | 0.00000 | CVE-2024-25027 |
| 11 | code-projects Online Book System Product.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.17 | 0.00045 | CVE-2024-3001 |
| 12 | code-projects Online Book System cart.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.21 | 0.00045 | CVE-2024-3003 |
| 13 | Linux Kernel push-switch flush_work memory corruption | 8.0 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00043 | CVE-2023-52629 |
| 14 | Huashi Private Cloud CDN Live Streaming Acceleration Server ipping.php Privilege Escalation | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.32 | 0.00043 | CVE-2024-31032 |
| 15 | RedLettuce PDF Viewer for Elementor Plugin cross-site scripting | 5.0 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 1.31 | 0.00000 | CVE-2024-30524 |
| 16 | Nextcloud NextcloudPi Web-Panel privilege escalation | 9.9 | 9.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.21 | 0.00043 | CVE-2024-30247 |
| 17 | IBM WebSphere Application Server Liberty Request denial of service | 5.9 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 1.22- | 0.00000 | CVE-2024-22353 |
| 18 | WP Chat App Plugin Block Image Attribute cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.18 | 0.00000 | CVE-2024-2513 |
| 19 | Google Chrome ANGLE memory corruption | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.68 | 0.00045 | CVE-2024-2883 |
| 20 | Backup Bolt Plugin information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.16 | 0.00043 | CVE-2023-7236 |

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

| ID | IP range | Actor | Type | Confidence |
|---|---|---|---|---|
| 1 | 2.57.122.0/24 | Mirai | predictive | High |
| 2 | 3.75.178.0/24 | Cobalt Strike | predictive | High |

TTP - Tactics, Techniques, Procedures (19)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

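| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-23 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |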

IOA - Indicator of Attack (87)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

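| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /cart.php | predictive | Medium |
| 2 | File | /cgi-bin/gui.cgi | predictive | High |
| 3 | File | /description.php | predictive | High |
| 4 | File | /Employer/DeleteJob.php?JobId=1 | predictive | High |
| 5 | File | /index.php | predictive | Medium |
| 6 | File | /login.php | predictive | Medium |
| 7 | File | /members/moremember.pl | predictive | High |
| 8 | File | /Product.php | predictive | Medium |
| 9 | File | /secret_coder.sql | predictive | High |
| 10 | File | /setup.cgi | predictive | Medium |
| 11 | File | admin/update_room.php | predictive | High |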
