Generic Analysis

IOB - Indicator of Behavior (70)

Timeline

Language

en 50
pl 16
fr 2
de 2

Country

pl 36
us 10
fr 2
de 2
cn 2

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Google Chrome 4
Asus RT-AC51U 2
Asus RT-AC58U 2
Asus RT-AC66U 2
Asus RT-AC1750 2

Vulnerability

# | Vulnerability | Base | Temp | 0day | Today | Exp | Con | CTI | EPSS | CVE
1 | cURL/libcURL Cookie File stat race condition | 4.7 | 4.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00043 | CVE-2023-32001
2 | Hypersilence Silentum Guestbook silentum_guestbook.php sql injection | 7.3 | 7.1 | $0-$5k | $0-$5k | High | Unavailable | 0.02 | 0.00107 | CVE-2009-4687
3 | F5 BIG-IP Configuration Utility directory traversal | 9.3 | 9.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00321 | CVE-2023-41373
4 | Google WebP libwebp buffer overflow | 7.5 | 7.4 | $5k-$25k | $0-$5k | High | Official Fix | 0.02 | 0.49095 | CVE-2023-4863
5 | ZyXEL P660HN-T1A Remote System Log Forwarder ViewLog.asp privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.97521 | CVE-2017-18368
6 | SailPoint IdentityIQ Lifecycle Manager privilege escalation | 5.8 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00043 | CVE-2024-1714
7 | Bricks Plugin weak authentication | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | CVE-2024-25600
8 | agnivade easy-scrypt scrypt.go VerifyPassphrase information disclosure | 3.5 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.09 | 0.00188 | CVE-2014-125055
9 | GNU C Library __vsyslog_internal buffer overflow | 7.8 | 7.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00770 | CVE-2023-6246
10 | Apache Tomcat Commons FileUpload denial of service | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00045 | CVE-2023-42794
11 | HP Integrated Lights-Out IPMI Protocol privilege escalation | 8.2 | 8.0 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.27196 | CVE-2013-4786
12 | Microsoft Outlook weak authentication | 9.0 | 8.6 | $5k-$25k | $0-$5k | Functional | Official Fix | 0.03 | 0.92353 | CVE-2023-23397
13 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.33 | 0.00943 | CVE-2010-0966
14 | Tiki Admin Password tiki-login.php weak authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.93 | 0.00936 | CVE-2020-15906
15 | Proofpoint Enterprise Protection AdminUI cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00052 | CVE-2023-5771
16 | Microsoft Exchange Server Privilege Escalation | 8.0 | 7.3 | $5k-$25k | $5k-$25k | Unproven | Official Fix | 0.01 | 0.00065 | CVE-2023-36756
17 | Apache Log4j Chainsaw/SocketAppender denial of service | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00260 | CVE-2023-26464
18 | Fortinet FortiSandbox HTTP Request directory traversal | 7.4 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00094 | CVE-2023-41682
19 | Oracle MySQL Workbench denial of service | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00303 | CVE-2023-0215
20 | Cacti Regular Expression sql injection | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00112 | CVE-2023-39365

IOC - Indicator of Compromise (33)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.


TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerability | Access Vector | Type | Confidence
1 | T1006 | CWE-22 | Path Traversal | predictive | High
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High
3 | T1059 | CWE-94 | Argument Injection | predictive | High

IOA - Indicator of Attack (32)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /accountancy/admin/accountmodel.php | predictive | High
2 | File | /apply_noauth.cgi | predictive | High
3 | File | /dev/mapper/control | predictive | High
4 | File | announcements.php | predictive | High

References (9)

The following list contains external sources which discuss the actor and the associated activities:
