القطاع Hostingprovider

Timeframe: -28 days

Default Categories (69): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Billing Software, Bug Tracking Software, Calendar Software, Chat Software, Cloud Software, Communications System, Connectivity Software, Content Management System, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Reader Software, Domain Name Software, E-Commerce Management Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Information Management Software, JavaScript Library, Joomla Component, Log Management Software, Mail Client Software, Mail Server Software, Mailing List Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Network Utility Software, Office Suite Software, Operating System, Operating System Utility Software, Packet Analyzer Software, Printing Software, Product Lifecycle Management Software, Programming Language Software, Programming Tool Software, Project Management Software, Remote Access Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Testing Software, Ticket Tracking Software, Versioning Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Word Processing Software, WordPress Plugin

التسلسل الزمني

المجهز

Not Defined250
Mozilla82
Apple52
Microsoft50
Google32

منتج

Mozilla Firefox40
Apple macOS38
Mozilla Thunderbird38
Google Chrome32
Adobe Experience Manager32

معالجة

Official Fix498
Temporary Fix0
Workaround2
Unavailable0
Not Defined202

قابلية الاستغلال

High2
Functional2
Proof-of-Concept20
Unproven42
Not Defined636

متجه الوصول

Not Defined0
Physical4
Local28
Adjacent74
Network596

توثيق

Not Defined0
High80
Low330
None292

تفاعل المستخدم

Not Defined0
Required360
None342

C3BM Index

CVSSv3 Base

≤10
≤20
≤328
≤4122
≤5146
≤6120
≤7156
≤866
≤958
≤106

CVSSv3 Temp

≤10
≤20
≤336
≤4120
≤5146
≤6202
≤792
≤870
≤932
≤104

VulDB

≤10
≤22
≤358
≤4148
≤5132
≤692
≤7164
≤852
≤948
≤106

NVD

≤1596
≤20
≤30
≤42
≤526
≤622
≤718
≤88
≤918
≤1012

CNA

≤1558
≤20
≤32
≤46
≤516
≤650
≤724
≤818
≤914
≤1014

المجهز

≤1656
≤20
≤30
≤40
≤50
≤64
≤72
≤832
≤98
≤100

إكسبلويت ذات هجوم فوري

<1k56
<2k290
<5k58
<10k96
<25k132
<50k46
<100k24
≥100k0

إكسبلويت اليوم

<1k322
<2k108
<5k106
<10k92
<25k74
<50k0
<100k0
≥100k0

حجم سوق الإكسبلويت

IOB - Indicator of Behavior (1000)

التسلسل الزمني

اللغة

en676
ja208
ru38
zh34
fr14

البلد

jp258
us154
cn92
ru36
it22

الفاعلين

Formbook1

النشاطات

الاهتمام

التسلسل الزمني

النوع

WordPress Plugin56
Web Browser36
Operating System26
Router Operating System24
Content Management System18

المجهز

Not Defined110
Mozilla40
Linux14
D-Link10
IBM6

منتج

Mozilla Firefox26
Linux Kernel14
Mozilla Thunderbird10
Chained Quiz Plugin8
IBM AIX6

الثغرات

#الثغرةBaseTemp0dayاليومق�معالجةCTIEPSSCVE
1Linux Kernel ksmbd smb2pdu.c smb2_tree_disconnect تلف الذاكرة8.07.6$5k-$25k$0-$5kNot DefinedOfficial Fix8.030.00950CVE-2022-47939
2Linux Kernel ksmbd smb2misc.c smb2_get_data_area_len الكشف عن المعلومات3.53.4$5k-$25k$0-$5kNot DefinedOfficial Fix2.550.00950CVE-2022-47943
3Linux Kernel ksmbd smb2pdu.c smb2_write الكشف عن المعلومات4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix2.400.00950CVE-2022-47940
4MediaWiki REST API الكشف عن المعلومات3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix1.560.00000CVE-2021-44854
5Squid Web Proxy SSPI/SMB تلف الذاكرة4.34.1$5k-$25k$0-$5kNot DefinedOfficial Fix1.150.00000CVE-2022-41318
6VMware ESXi/Workstation/Fusion/Cloud Foundation USB 2.0 controller تلف الذاكرة8.88.4$5k-$25k$5k-$25kNot DefinedOfficial Fix1.040.01036CVE-2022-31705
7Hide Files on GitHub options.js addEventListener سكربتات مشتركة3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix2.71-0.00000CVE-2019-25084
8WordPress Pingback تجاوز الصلاحيات5.65.6$5k-$25k$5k-$25kNot DefinedNot Defined0.990.00885CVE-2022-3590
9YITH WooCommerce Gift Cards Premium Plugin تجاوز الصلاحيات9.89.6$0-$5k$0-$5kNot DefinedNot Defined0.940.00885CVE-2022-45359
10Linux Kernel smb2misc.c smb2_get_data_area_len الكشف عن المعلومات3.53.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.900.00950CVE-2022-47938
11sproctor php-calendar index.php سكربتات مشتركة3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.990.00885CVE-2022-4455
12TP-Link TL-WR740N ARP الحرمان من الخدمة6.55.7$0-$5k$0-$5kProof-of-ConceptWorkaround0.890.00885CVE-2022-4296
13Squid Web Proxy Internal URL الكشف عن المعلومات3.53.4$5k-$25k$0-$5kNot DefinedOfficial Fix0.630.00000CVE-2022-41317
14Openstack Kolla sudoers تجاوز الصلاحيات8.88.5$0-$5k$0-$5kNot DefinedNot Defined0.770.00885CVE-2022-38060
15Fortinet FortiOS sslvpnd تلف الذاكرة9.88.8$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.680.00000CVE-2022-42475
16Samba NetLogon Secure Channel تشفير ضعيف5.65.4$0-$5k$0-$5kNot DefinedOfficial Fix0.580.03678CVE-2022-38023
17Chained Quiz Plugin list_questions طلب تزوير مشترك4.74.6$0-$5k$0-$5kNot DefinedNot Defined1.400.01018CVE-2022-4220
18AWStats Hostinfo Plugin XWhois سكربتات مشتركة4.84.7$0-$5k$0-$5kNot DefinedOfficial Fix0.420.00885CVE-2022-46391
19cURL Proxy Error تلف الذاكرة3.73.6$0-$5k$0-$5kNot DefinedOfficial Fix0.480.00000CVE-2022-43552
20Roots soil Plugin CleanUpModule.php language_attributes سكربتات مشتركة3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.900.01018CVE-2022-4524

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeممثلالنوعالثقة
143.249.37.0/24Patchworkpredictiveعالي
2XXX.XX.XXX.X/XXXxxxxpredictiveعالي
3XXX.XXX.XX.X/XXXxxxxxxxpredictiveعالي
4XXX.XXX.XXX.X/XXXxxxxxpredictiveعالي

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueالثغراتمتجه الوصولالنوعالثقة
1T1006CWE-21, CWE-22Pathname Traversalpredictiveعالي
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveعالي
3T1055CWE-74Injectionpredictiveعالي
4T1059CWE-94Cross Site Scriptingpredictiveعالي
5T1059.007CWE-79, CWE-80, CWE-85Cross Site Scriptingpredictiveعالي
6TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictiveعالي
7TXXXX.XXXCWE-XXXXxx Xx Xxxx-xxxxx Xxxxxxxxpredictiveعالي
8TXXXXCWE-XXX, CWE-XXXXxxx Xxx Xxxxxxxxx Xxxxxxxxxxx Xxxxxxxxpredictiveعالي
9TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxxxxx Xxxxxxxxpredictiveعالي
10TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxxxxxxpredictiveعالي
11TXXXX.XXXCWE-XXXXxxx Xxxxxxxxpredictiveعالي
12TXXXXCWE-XXXXxxxxxxxxx Xxxxxxpredictiveعالي
13TXXXXCWE-XXXxx Xxxxxxxxxpredictiveعالي
14TXXXXCWE-XXXXxx Xx Xxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictiveعالي
15TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxxxxpredictiveعالي
16TXXXXCWE-XXX, CWE-XXXXxx.xxx Xxxxxxxxxxxxxxxx: Xxxxxxxx Xx Xxxxxxxxxxxxx Xxxxpredictiveعالي
17TXXXX.XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx Xxxxxxxxxxpredictiveعالي
18TXXXX.XXXCWE-XXXXxxxxxxxpredictiveعالي
19TXXXXCWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxxpredictiveعالي
20TXXXX.XXXCWE-XXXxxxxxxxxxxxxpredictiveعالي
21TXXXXCWE-XXX, CWE-XXX, CWE-XXXX2xx Xxxxxxxxxxxxxxxx: Xxxx Xxxxxxxxxxxx Xxxxxxx Xxxxxxxxxxpredictiveعالي
22TXXXX.XXXCWE-XXXXxxxxxxxxxxx Xxxxxxpredictiveعالي
23TXXXXCWE-XXXXxxxxxxxxxx Xxxxxxpredictiveعالي

IOA - Indicator of Attack (103)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDالفئةIndicatorالنوعالثقة
1File/blog/commentpredictiveعالي
2File/cms/notifypredictiveمتوسط
3File/etc/sudoerspredictiveمتوسط
4File/signup_script.phppredictiveعالي
5Fileaddons/ooh323c/src/ooq931.cpredictiveعالي
6Fileadmin/ad_list.phppredictiveعالي
7Fileadmin/partials/ajax/add_field_to_form.phppredictiveعالي
8Fileb/fs/ksmbd/smb2misc.cpredictiveعالي
9Fileban-options.phppredictiveعالي
10Filebarbican/api/controllers/__init__.pypredictiveعالي
11Filebooking.phppredictiveمتوسط
12FileC:\tools\php81predictiveعالي
13Filechainedquiz_listpredictiveعالي
14Filecom/ruoyi/generator/controller/GenControllerpredictiveعالي
15Filexxxxxxx/xxx/xxx/xxx.xpredictiveعالي
16Filexxxxxxx/xxx/xxx/xxx/xxxxxx/xxx_xxxx.xpredictiveعالي
17Filexxxxxxx/xxx/xxx/xxx/xxxxxx_xxxx.xpredictiveعالي
18Filexxxxxxx/xxxxxxxxxx/xxxx/xxxxxx_xxxx.xpredictiveعالي
19Filexxxxxxx/xxxxx/xxxxxxxx/xxx-xxxxxx/xxx_xxxxxx_xx_xxx.xpredictiveعالي
20Filexxxxxxx/xxxx/xxxxx/xxxx.xpredictiveعالي
21Filexxxxxxx/xxx/xxxxxxxx/xxx/xxxxx_xxx.xpredictiveعالي
22Filexxxxxxx/xxx/xxxxxx/xxxxxx_xxx.xpredictiveعالي
23Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxxxxxxx/xxxxxxxx.xpredictiveعالي
24Filexxxxxxx/xxx/xxxxxxxx/xxxxxxxxx/xxxxxxxx/xxx.xpredictiveعالي
25Filexxxxxxx/xxxxx/xxxxxx/xxxxxx_xxxxx.xpredictiveعالي
26Filexxxxxxx/xxxxxxx/xxxxx/xxxxx/xxxx/xxxx_xxxxxxx.xpredictiveعالي
27Filexxxxxxx/xxxxxxx/xxxxxxx/xxxx/xxx_xxxx.xpredictiveعالي
28Filexxxxxxxxxxx.xxxpredictiveعالي
29Filexxxxxx.xxpredictiveمتوسط
30Filexxxxxxx-xx-xxxxx.xxxpredictiveعالي
31Filexxxxxxxxx/xxxxxxx.xxpredictiveعالي
32Filexx/xx_xxxxx.xpredictiveعالي
33Filexx/xxxxx/xxxxxxxx.xpredictiveعالي
34Filexx/xxxxx/xxxxxxx.xpredictiveعالي
35Filexx/xxxxx/xxxxxx.xpredictiveعالي
36Filexxxxxxxxxx/xxxxxx/xxxxxxxxxxx.xxpredictiveعالي
37Filexxxxx.xxxpredictiveمتوسط
38Filexxxxxxxxxxxxxxxxxxxxxxx.xxpredictiveعالي
39Filexxxxxx.xxxxxxxxxx.xxpredictiveعالي
40Filexxx-xxx/xxxxx.xpredictiveعالي
41Filexxxx.xxpredictiveواطئ
42Filexxxxxxxxxxxxxx/xxxxxxxxxxxx.xxxpredictiveعالي
43Filexxx/xxxx/xxxx_xxxx.xpredictiveعالي
44Filexxxxxxxxxxxxxxpredictiveعالي
45Filexxxxxxxx/xxxxxx/xxxxxxxxx/xxxxxx/xxxxxxx_xxxxx.xxxxpredictiveعالي
46Filexxxxxxxxxx/xxxxxxxxx/xxxxxxxxxx/xxxxx_xxxxxx.xxxxpredictiveعالي
47Filexxxx_xxxxxxxxpredictiveعالي
48Filexxxxxx_xxxxx.xxxpredictiveعالي
49Filexxx_xxxxx_xxxxxx.xpredictiveعالي
50Filexxx/xxxxxx/xxxxxx_xxxxxx.xxpredictiveعالي
51Filexxx/xxxxxxx/xxxxxxxxxxxxx.xxxpredictiveعالي
52Filexxx/xxxxxxx-xxxx.xxxpredictiveعالي
53Filexxxxxxx.xxxpredictiveمتوسط
54Filexx/xxxxxxxxx_xx.xxxpredictiveعالي
55Libraryxxxxxxxx.xxxpredictiveمتوسط
56Libraryxxxx.xxxpredictiveمتوسط
57Libraryxxxxx.xxxpredictiveمتوسط
58Argument$_xxxxxx["xxxx_xxxx_xxxxx"]predictiveعالي
59Argument$_xxxxxx['xxx_xxxx']predictiveعالي
60Argumentxxxxxxxxxxxxxxxpredictiveعالي
61Argumentxxxxxxxx_xxx_xxx/xxxxxxxx_xxxxxxxx_xxxpredictiveعالي
62Argumentxx(x)_xxxxx_xxxxxxxxxxpredictiveعالي
63Argumentxxx_xxxpredictiveواطئ
64Argumentxxxx_xxxxxxx_xxxxpredictiveعالي
65Argumentxxxxxxxxpredictiveمتوسط
66Argumentxxxxpredictiveواطئ
67Argumentxxxxxpredictiveواطئ
68Argumentxxxxxxxxxxxpredictiveمتوسط
69Argumentxxpredictiveواطئ
70Argumentxxxpredictiveواطئ
71Argumentxxxxxpredictiveواطئ
72Argumentxxxxxxpredictiveواطئ
73Argumentxxxxx xxx xxxxxpredictiveعالي
74Argumentxxxxxxxx_xxxxxpredictiveعالي
75Argumentxxxxx_xxxx/xxxxx_xxx/xxxxx_xxxx/xxxx_xxpredictiveعالي
76Argumentxxxxpredictiveواطئ
77Argumentxxxxpredictiveواطئ
78Argumentxxpredictiveواطئ
79Argumentxxxxxxxxx_xxx_xxxx_xxxxxxx_xxxxpredictiveعالي
80Argumentxxxxxxxxx_xxx_xxxx_xxxx_xxxxxxxpredictiveعالي
81Argumentxxpredictiveواطئ
82Argumentxxxpredictiveواطئ
83Argumentxxxpredictiveواطئ
84Argumentxxxxxxpredictiveواطئ
85Argumentxxxxpredictiveواطئ
86Argumentxxxxxxxxpredictiveمتوسط
87Argumentxxxx x xxxxpredictiveمتوسط
88Argumentxxxxpredictiveواطئ
89Argumentxxxxxx.xxxxxxxpredictiveعالي
90Argumentxxxxx_xxpredictiveمتوسط
91Argumentxxxxxxxxpredictiveمتوسط
92Argumentxxxxxxxpredictiveواطئ
93Argumentxxxxxxxxpredictiveمتوسط
94Argumentxxxpredictiveواطئ
95Argumentxxxxxpredictiveواطئ
96Argumentxxxxxx_xxxxpredictiveمتوسط
97Argumentxxxxxx_predictiveواطئ
98Argumentxxxxpredictiveواطئ
99Argumentxxxxxxxxpredictiveمتوسط
100Argumentxxxpredictiveواطئ
101Argumentxxxxxpredictiveواطئ
102Argumentxxxxxxxxpredictiveمتوسط
103Argumentxx_xxxx_xxxxx_xxxxxxx_xxxxx_xxxpredictiveعالي
التالي نظرة عامة السابق

Interested in the pricing of exploits?

See the underground prices here!