Avos Analysis

IOB - Indicator of Behavior (66)

Language: en (56), fr (6), es (2), pl (2)

Product: IW Guestbook (4), Microsoft Malware Protection Engine (2), GESIO ERP (2), PHPGurukul Hospital Management System (2), CKEditor (2)

Vulnerability

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Con | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | HP SAN/iQ hydra.exe privilege escalation | 4.3 | 3.9 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00277 | CVE-2012-4362 |
| 2 | Hydra HTTP Header read.c process_header_end denial of service | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00117 | CVE-2019-17502 |
| 3 | IW Guestbook badwords_edit.asp sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00000 | |
| 4 | Hydra weak authentication | 5.6 | 5.0 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00099 | CVE-2020-5300 |
| 5 | OmniSecure AddUrlShield index.php sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00000 | |
| 6 | ORY Hydra error Reflected cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00097 | CVE-2019-8400 |
| 7 | PHPGurukul Hospital Management System dashboard.php privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00661 | CVE-2020-35745 |
| 8 | HP SAN/iQ Login hydra.exe buffer overflow | 10.0 | 9.5 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.46643 | CVE-2011-4157 |
| 9 | HP LeftHand Virtual SAN Appliance hydra buffer overflow | 10.0 | 9.5 | $25k-$100k | $0-$5k | High | Official Fix | 0.00 | 0.80026 | CVE-2013-2343 |
| 10 | Coinsoft Technologies phpCOIN db.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.07606 | CVE-2005-4211 |
| 11 | Coinsoft Technologies phpCOIN db.php directory traversal | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.03877 | CVE-2005-4212 |
| 12 | Ilohamail cross site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00000 | |
| 13 | Small CRM cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00052 | CVE-2023-44075 |
| 14 | Intern Record System controller.php cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00087 | CVE-2022-40348 |
| 15 | Sitekit CMS registration-form.html cross site scripting | 3.5 | 3.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00000 | |
| 16 | Microsoft Windows Backup Service Privilege Escalation | 7.7 | 7.1 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.00389 | CVE-2023-21752 |
| 17 | SunHater KCFinder upload.php cross site scripting | 5.7 | 5.7 | $0-$5k | Calculating | Not Defined | Not Defined | 0.03 | 0.00131 | CVE-2019-14315 |
| 18 | Canto Cumulus login privilege escalation | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00252 | CVE-2022-40305 |
| 19 | IW Guestbook messages_edit.asp sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00000 | |
| 20 | CKEditor Clipboard Package privilege escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00163 | CVE-2021-32809 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

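| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 45.136.230.191 | | Avos | | 2022-07-29 | verified | High |
| 2 | XXX.XXX.XXX.XXX | | Xxxx | | 2022-07-29 | verified | High |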

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High |
| 3 | TXXXX | CWE-XX | Xxxxxxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX.XXX | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX | Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (29)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /cwc/login | predictive | Medium |
| 2 | File | /intern/controller.php | predictive | High |
| 3 | File | /iwguestbook/admin/badwords_edit.asp | predictive | High |
| 4 | File | /iwguestbook/admin/messages_edit.asp | predictive | High |
| 5 | File | xxxxx/xxxxxxxxx.xxx | predictive | High |
| 6 | File | xxxxx.xxx | predictive | Medium |
| 7 | File | xxxx_xxxxxxxx/xx.xxx | predictive | High |
| 8 | File | xxxxx.xxx | predictive | Medium |
| 9 | File | xxxxx.xxx | predictive | Medium |
| 10 | File | xxxxx.xxx/xxxxxxxxxxxxx/xxx | predictive | High |
| 11 | File | xxxxxx/xxxxxxxxx/xxxxx | predictive | High |
| 12 | File | xxxx.x | predictive | Low |
| 13 | File | xxxxxxxxxxxx-xxxx.xxxx | predictive | High |
| 14 | File | xxxxxx.xxx | predictive | Medium |
| 15 | File | xx-xxxxx/xxxxx-xxxxxx.xxx | predictive | High |
| 16 | Argument | xxxxxxx | predictive | Low |
| 17 | Argument | xxxxxx | predictive | Low |
| 18 | Argument | xxxxxxxxxxxxxxx | predictive | High |
| 19 | Argument | xxxxxxxxx | predictive | Medium |
| 20 | Argument | xxxxxxx-xxxxxx | predictive | High |
| 21 | Argument | xxxxx_xxxx | predictive | Medium |
| 22 | Argument | xxxxxx$xxxxx | predictive | Medium |
| 23 | Argument | xx | predictive | Low |
| 24 | Argument | xxxxx | predictive | Low |
| 25 | Argument | xxxx/xxxxx | predictive | Medium |
| 26 | Argument | xxxx_xx | predictive | Low |
| 27 | Argument | xxxxxx | predictive | Low |
| 28 | Argument | _xxxx[_xxx_xxxx_xxxx | predictive | High |
| 29 | Input Value | x+xxxxx+xxxxxx+x,xxxxxxx,xxxxxxxxxxx+xxxx+xxxxx# | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
