GoGoogle Analysis

IOB - Indicator of Behavior (16)

Language: en (16)

Product: QNAP NAS (2), QNAP (2), Download Manager (2), vBulletin (2), Rocket.Chat Server (2)

Vulnerability

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | WordPress Post press-this.php privilege escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.03 | CVE-2011-1762 |
| 2 | Elementor Website Builder Plugin AJAX Action module.php privilege escalation | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.96197 | 0.02 | CVE-2022-1329 |
| 3 | Crocoblock JetEngine Form Data Privilege Escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00201 | 0.00 | CVE-2021-41844 |
| 4 | Crocoblock JetEngine Custom Forms cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00066 | 0.00 | CVE-2021-38607 |
| 5 | WPBakery XSS Protection Mechanism kses_remove_filters privilege escalation | 5.9 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00058 | 0.02 | CVE-2020-28650 |
| 6 | Yoast SEO Plugin Term Description privilege escalation | 9.0 | 8.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00244 | 0.02 | CVE-2019-13478 |
| 7 | Rocket.Chat Server NoSQL sql injection | 8.5 | 8.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00369 | 0.04 | CVE-2017-1000493 |
| 8 | vBulletin moderation.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00284 | 0.01 | CVE-2016-6195 |
| 9 | PRTG Network Monitor addusers privilege escalation | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00093 | 0.00 | CVE-2018-19411 |
| 10 | PRTG Network Monitor login.htm privilege escalation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00288 | 0.04 | CVE-2018-19410 |
| 11 | Samba smbd _netr_ServerPasswordSet unknown vulnerability | 6.5 | 5.7 | $0-$5k | $0-$5k | High | Official Fix | 0.97400 | 0.00 | CVE-2015-0240 |
| 12 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.31 | CVE-2016-6210 |
| 13 | QNAP Music Station privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00274 | 0.00 | CVE-2017-13069 |
| 14 | QNAP NAS cgi.cgi buffer overflow | 5.9 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.00 | |
| 15 | Download Manager Redirect | 6.2 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00233 | 0.00 | CVE-2017-2217 |
| 16 | GLPI information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00703 | 0.00 | CVE-2011-2720 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 93.174.95.73 | | GoGoogle | | 2022-04-26 | verified | High |

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerability | Access vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | T1068 | CWE-264, CWE-284 | Execution with Unnecessary Privileges | predictive | High |
| 3 | TXXXX | CWE-XX | Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX.XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 7 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/addusers | predictive | High |
| 2 | File | /home/httpd/cgi-bin/cgi.cgi | predictive | High |
| 3 | File | /xxxxxx/xxxxx.xxx | predictive | High |
| 4 | File | xxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxx | predictive | High |
| 5 | File | xx-xxxxx/xxxxx-xxxx.xxx | predictive | High |
| 6 | File | ~/xxxx/xxx/xxxxxxx/xxxxxxxxxx/xxxxxx.xxx | predictive | High |
| 7 | Argument | xxxxxxxx | predictive | Medium |
| 8 | Argument | xxxxxxx | predictive | Low |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
