Bronze Union Analysis

IOB - Indicator of Behavior (29)

Language

  • en: 14
  • zh: 14
  • es: 2

Country

  • cn: 28
  • us: 2

Product

  • Microsoft .NET Framework: 4
  • Cisco ASA: 2
  • lighttpd: 2
  • ThinkPHP: 2
  • glorylion JFinalOA: 2

Vulnerability

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Con | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | glorylion JFinalOA SysOrg.java sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00148 | CVE-2023-0758 |
| 2 | UJCMS Jspxcms ?new privilege escalation | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00260 | CVE-2022-23329 |
| 3 | Microsoft .NET/.NET Framework/Visual Studio Remote Code Execution | 8.1 | 7.4 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00207 | CVE-2023-24897 |
| 4 | Microsoft .NET/.NET Framework/Visual Studio Remote Code Execution | 8.1 | 7.4 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00125 | CVE-2023-24895 |
| 5 | Microsoft .NET Framework information disclosure | 5.0 | 4.7 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | 0.00050 | CVE-2022-41064 |
| 6 | MyBatis Plus sql injection | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00073 | CVE-2023-25330 |
| 7 | SourceCodester Apartment Visitor Management System action-visitor.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00142 | CVE-2022-2772 |
| 8 | Amcrest IP2M-841B HTTP Endpoint videotalk weak authentication | 7.4 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.10144 | CVE-2019-3948 |
| 9 | IBM Cognos Business Intelligence cross site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | High | Official Fix | 0.00 | 0.00178 | CVE-2012-4835 |
| 10 | Synacor Zimbra Collaboration Suite amavisd public privilege escalation | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.95689 | CVE-2022-41352 |
| 11 | Moxiecode TinyMCE Compressor PHP tiny_mce_gzip.php directory traversal | 6.5 | 5.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00639 | CVE-2005-4600 |
| 12 | ArcGIS Server sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00073 | CVE-2021-29099 |
| 13 | Synology DiskStation Manager WebAPI directory traversal | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00109 | CVE-2021-29087 |
| 14 | crelly-slider Plugin File Upload wp_ajax_crellyslider_importSlider privilege escalation | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00090 | CVE-2019-15866 |
| 15 | thymeleaf-spring5 Template privilege escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.04766 | CVE-2021-43466 |
| 16 | Hitachi Energy RTU500 Bidirectional Communication Interface denial of service | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00090 | CVE-2021-35533 |
| 17 | Tiny Tiny RSS OTP Code weak authentication | 6.0 | 5.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00090 | CVE-2021-28373 |
| 18 | Tiny Tiny RSS cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00089 | CVE-2017-1000035 |
| 19 | phpMyAdmin cross site scripting | 6.3 | 6.0 | $25k-$100k | $0-$5k | High | Official Fix | 0.00 | 0.00432 | CVE-2008-2960 |
| 20 | ThinkPHP privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.97456 | CVE-2019-9082 |

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • Bronze Union

IOC - Indicator of Compromise (9)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | TXXXX.XXX | CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX.XXX | CWE-XXX | Xxxxxxxx Xxxxxxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 8 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (16)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /getcfg.php | predictive | Medium |
| 2 | File | /opt/zimbra/jetty/webapps/zimbra/public | predictive | High |
| 3 | File | /videotalk | predictive | Medium |
| 4 | File | xxxxxx-xxxxxxx.xxx | predictive | High |
| 5 | File | xxxx_xxxx.x | predictive | Medium |
| 6 | File | xxxxxx/?x=xxxxx/\xxxxx\xxx/xxxxxxxxxxxxxx&xxxxxxxx=xxxx_xxxx_xxxx_xxxxx&xxxx[x]=xxxxxx&xxxx[x][] | predictive | High |
| 7 | File | xxx/xxxx/xxxx/xxx/xxxxxxxxx/xxx/xxxxxx/xxxxx/xxxxxx.xxxx | predictive | High |
| 8 | File | xxxxxx.xxx | predictive | Medium |
| 9 | File | xxxx_xxx_xxxx.xxx | predictive | High |
| 10 | Argument | xxxxxx/xxxxxx | predictive | High |
| 11 | Argument | xx | predictive | Low |
| 12 | Argument | xxxx | predictive | Low |
| 13 | Argument | xxxxxxxx | predictive | Medium |
| 14 | Argument | xxx | predictive | Low |
| 15 | Input Value | xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx | predictive | High |
| 16 | Network Port | xxx xxxxxx xxxx | predictive | High |

References (3)

The following list contains external sources which discuss the actor and the associated activities:
