Sector Insurance

Timeframe: -28 days

Default Categories (76): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Asset Management Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Big Data Software, Billing Software, Bug Tracking Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Domain Name Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Information Management Software, IP Phone Software, JavaScript Library, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Policy Management Software, Presentation Software, Printing Software, Programming Language Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Security Testing Software, Server Management Software, Service Management Software, Smartphone Operating System, Software Library, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Cronología

Proveedor

Linux288
Google84
Microsoft60
Foxit50
Not Defined46

Producto

Linux Kernel288
Google Android68
Foxit PDF Reader50
Microsoft Windows40
Mozilla Firefox18

Contramedidas

Official Fix698
Temporary Fix0
Workaround2
Unavailable0
Not Defined126

Explotabilidad

High0
Functional0
Proof-of-Concept28
Unproven46
Not Defined752

Vector de acceso

Not Defined0
Physical4
Local160
Adjacent318
Network344

Autenticación

Not Defined0
High30
Low540
None256

La interacción del usuario

Not Defined0
Required178
None648

C3BM Index

CVSSv3 Base

≤10
≤20
≤316
≤4100
≤5152
≤6316
≤7128
≤878
≤930
≤106

CVSSv3 Temp

≤10
≤20
≤316
≤4104
≤5156
≤6396
≤780
≤858
≤910
≤106

VulDB

≤10
≤22
≤322
≤4106
≤5176
≤6292
≤7124
≤874
≤924
≤106

NVD

≤1826
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

CNA

≤1648
≤20
≤34
≤44
≤520
≤644
≤728
≤852
≤918
≤108

Proveedor

≤1778
≤20
≤30
≤40
≤52
≤66
≤76
≤818
≤916
≤100

Explotar día 0

<1k32
<2k210
<5k28
<10k322
<25k164
<50k46
<100k24
≥100k0

Explotar hoy

<1k278
<2k260
<5k154
<10k80
<25k52
<50k2
<100k0
≥100k0

Explotar el volumen del mercado

IOB - Indicator of Behavior (1000)

Cronología

Idioma

en654
de38
es36
fr36
zh34

País

us64
cn54
de42
es36
fr36

Actores

Mirai2
Pacha1
Indexsinas1
RecordBreaker1
TrickBot1

Ocupaciones

Interesar

Cronología

Escribe

Smartphone Operating System24
Software Library12
Web Browser12
Operating System6
Project Management Software6

Proveedor

Google32
SourceCodester14
Microsoft8
Apache6
code-projects6

Producto

Google Android24
SourceCodester Online Library System8
Microsoft Edge6
Linux Kernel4
Lenovo Printer4

Vulnerabilidad

#VulnerabilidadBaseTemp0dayHoyExpConCTIEPSSCVE
1SourceCodester PHP Task Management System admin-password-change.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.880.00045CVE-2024-3222
2SourceCodester Airline Ticket Reservation System activate_jet_details_form_handler.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined2.750.00045CVE-2024-3347
3SourceCodester PHP Task Management System admin-manage-user.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.520.00045CVE-2024-3223
4SourceCodester PHP Task Management System attendance-info.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined1.800.00045CVE-2024-3221
5kyivstarteam react-native-sms-user-consent SmsUserConsentModule.kt registerReceiver Local Privilege Escalation5.35.1$0-$5k$0-$5kNot DefinedOfficial Fix0.860.00000CVE-2021-4438
6SourceCodester PHP Task Management System task-details.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.740.00045CVE-2024-3224
7Backdoor.Win32.Beastdoor.oq Service Port 1332 escalada de privilegios7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined1.700.00000
8SourceCodester Online Library System login.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.530.00045CVE-2024-3359
9SourceCodester Online Library System deweydecimal.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.570.00045CVE-2024-3361
10IBM Maximo Application Suite URL divulgación de información6.46.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.750.00000CVE-2024-22328
11SourceCodester Online Library System index.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.490.00000CVE-2024-3363
12SourceCodester Online Library System controller.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.590.00045CVE-2024-3362
13SourceCodester Online Library System index.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.470.00045CVE-2024-3360
14SourceCodester Online Library System index.php cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.430.00000CVE-2024-3364
15code-projects Car Rental add-vehicle.php escalada de privilegios6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.550.00000CVE-2024-3369
16SourceCodester Online Library System controller.php cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined1.070.00000CVE-2024-3365
17Google Android asn1_common.c asn1_ec_pkey_parse divulgación de información3.33.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.370.00043CVE-2024-27232
18Google Android gov_init divulgación de información3.33.2$5k-$25k$0-$5kNot DefinedOfficial Fix0.370.00043CVE-2024-29738
19Google Android tmu.c tmu_set_temp_lut desbordamiento de búfer5.35.1$5k-$25k$5k-$25kNot DefinedOfficial Fix0.390.00043CVE-2024-29743
20Google Android tmu.c tmu_set_tr_num_thresholds desbordamiento de búfer5.35.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.410.00043CVE-2024-29752

IOC - Indicator of Compromise (19)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeActorEscribeConfianza
123.254.128.0/24Loki Password Stealer (PWS)predictiveAlto
251.20.181.0/24Quasar RATpredictiveAlto
3XX.XXX.XX.X/XXXxxxxpredictiveAlto
4XX.XXX.XX.X/XXXxxxxpredictiveAlto
5XX.XXX.XXX.X/XXXxxxxxxx XxxxpredictiveAlto
6XX.XXX.XXX.X/XXXxxxxxpredictiveAlto
7XXX.XXX.XXX.X/XXXxxxxxxxxxxxxxxpredictiveAlto
8XXX.XXX.XX.X/XXXxxxpredictiveAlto
9XXX.XXX.XX.X/XXXxxxxxpredictiveAlto
10XXX.XX.XXX.X/XXXxxxxpredictiveAlto
11XXX.XX.XX.X/XXXxxxx XxxpredictiveAlto
12XXX.XXX.XX.X/XXXxxxxxxxxxxxxpredictiveAlto
13XXX.XXX.X.X/XXXxxxxx XxxxxxpredictiveAlto
14XXX.XX.XX.X/XXXxxxxxxxxxpredictiveAlto
15XXX.XX.XX.X/XXXxxxxxpredictiveAlto
16XXX.XXX.XXX.X/XXXxxxxxxxxxxxpredictiveAlto
17XXX.XX.XXX.X/XXXxxxxxx XxxxxxpredictiveAlto
18XXX.XX.XX.X/XXXxxxxpredictiveAlto
19XXX.XXX.XX.X/XXXxxxxxxx XxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (22)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueVulnerabilidadVector de accesoEscribeConfianza
1T1006CWE-22, CWE-23, CWE-25Path TraversalpredictiveAlto
2T1040CWE-319Authentication Bypass by Capture-replaypredictiveAlto
3T1055CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
4T1059CWE-94Argument InjectionpredictiveAlto
5T1059.007CWE-79, CWE-80Cross Site ScriptingpredictiveAlto
6TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
7TXXXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
8TXXXX.XXXCWE-XXXXxxx XxxxxxxxpredictiveAlto
9TXXXXCWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
10TXXXXCWE-XX, CWE-XXXxx XxxxxxxxxpredictiveAlto
11TXXXXCWE-XXXXxx Xx Xxxxxxxxxx Xxxxxxx Xxxxxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
12TXXXX.XXXCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
13TXXXXCWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
14TXXXXCWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
15TXXXX.XXXCWE-XXXXxxxxxx Xxxxxxxxxx Xxx Xxxxxxxx Xxxxxxx Xx Xx-xxxx Xxxxxx XxxxxxxxpredictiveAlto
16TXXXX.XXXCWE-XXXXxxxxxxxxxxxpredictiveAlto
17TXXXXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
18TXXXX.XXXCWE-XXXXxxxxxxxpredictiveAlto
19TXXXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
20TXXXXCWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveAlto
21TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto
22TXXXXCWE-XXXXxxxxxxxxxx XxxxxxpredictiveAlto

IOA - Indicator of Attack (147)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClaseIndicatorEscribeConfianza
1File/cart.phppredictiveMedio
2File/cgi-bin/gui.cgipredictiveAlto
3File/description.phppredictiveAlto
4File/etc/passwdpredictiveMedio
5File/index.phppredictiveMedio
6File/loginpredictiveBajo
7File/Product.phppredictiveMedio
8File/setup.cgipredictiveMedio
9FileAccountManagerService.javapredictiveAlto
10Fileactivate_jet_details_form_handler.phppredictiveAlto
11Fileadd-vehicle.phppredictiveAlto
12Fileadmin-manage-user.phppredictiveAlto
13Fileadmin-password-change.phppredictiveAlto
14Fileadmin/books/controller.phppredictiveAlto
15Fileadmin/books/deweydecimal.phppredictiveAlto
16Fileadmin/books/index.phppredictiveAlto
17Fileadmin/borrowed/index.phppredictiveAlto
18Fileadmin/login.phppredictiveAlto
19Fileadmin/users/controller.phppredictiveAlto
20Filexxxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
21Filexxxxxxx/xxx/xxxx/xxxx/xx/xxxxxxxx/xxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxx.xxpredictiveAlto
22Filexxx.xpredictiveBajo
23Filexxxx/xxx/xxxxxx/xxx/xxxx.xpredictiveAlto
24Filexxxx_xxxxxx.xpredictiveAlto
25Filexxx_xxxx.xpredictiveMedio
26Filexxxxxxxxxx-xxxx.xxxpredictiveAlto
27Filexxx_xxxxxxxx.xxpredictiveAlto
28Filexxxx.xpredictiveBajo
29Filexxxxx/xxx-xxxxxx.xpredictiveAlto
30Filexxxxx/xxx-xx-xxx.xpredictiveAlto
31Filexxxxxxxxx_xxx.xxpredictiveAlto
32Filexxx_xxx.xxxxpredictiveMedio
33Filexxx_xxx.xxpredictiveMedio
34Filexxxxxxxxxxxxxx.xxxpredictiveAlto
35Filexxxxxxxxx.xxxpredictiveAlto
36Filexxxxxxx.xxxpredictiveMedio
37Filexxxxxxx/xxxxx/xxxxxxx/xx_xxxxxxxxx.xpredictiveAlto
38Filexxx_xx.xpredictiveMedio
39Filexxxx_xxxxx.xxxpredictiveAlto
40Filexxxx.xpredictiveBajo
41Filexxxx-xxxx.xxxpredictiveAlto
42Filexxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
43Filexx/xxxxx/xxxx-xx.xpredictiveAlto
44Filexx/xxxxx/xxxxxxxxxxx.xpredictiveAlto
45Filexx/xxxxx/xxxx-xxx.xpredictiveAlto
46Filexx/xxxx/xxxx.xpredictiveAlto
47Filexx/xxxx/xxxxxxx_xxxxxx.xpredictiveAlto
48Filexxx.xpredictiveBajo
49Filexxxxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
50Filexxxxx.xpredictiveBajo
51Filexxxxxx/xxx/xxxxxxx.xpredictiveAlto
52Filexxxxxx/xxx/xxxxx.xpredictiveAlto
53Filexxxxxx/xxx/xxxx.x:predictiveAlto
54Filexxx.xpredictiveBajo
55Filexxxxxxxxx.xxpredictiveMedio
56Filexxxx_xx_xxxxxxx.xpredictiveAlto
57Filexxxxx.xxxpredictiveMedio
58Filexxx.xpredictiveBajo
59Filexxx_xxxxxxxxxxxxx.xpredictiveAlto
60Filexxxxxxx/xxxxxx.xxxpredictiveAlto
61Filexxxxxxxxxxxxxxxx.xxxxx.xxxpredictiveAlto
62Filexx/xxxx_xxxxx.xpredictiveAlto
63Filexx/xxxxxxxx.xpredictiveAlto
64Filexxx/xxxx/xxx.xpredictiveAlto
65Filexxx/xxxx/xxxxxx.xpredictiveAlto
66Filexxx/xxx/xxx_xxxxxx.xpredictiveAlto
67Filexxx/xxxx/xxxxx.xpredictiveAlto
68Filexxx/xxxxxxxxx/xx_xxxxxxxxx_xxxxxx.xpredictiveAlto
69Filexxx/xxxxxxxxxxx/xxxx.xpredictiveAlto
70Filexxx/xxxxxx/xxxxxxxxxxxxx.xpredictiveAlto
71Filexxxxxxxxx.xpredictiveMedio
72Filexxxxxxxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
73Filexxxxx_xxx_xxx.xpredictiveAlto
74Filexxxxx.xpredictiveBajo
75Filexxxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
76Filexxxxxxxxxxxxxxxxx.xxxpredictiveAlto
77Filexx.xpredictiveBajo
78Filexxxxx.xpredictiveBajo
79Filexxxxx.xpredictiveBajo
80Filexxxxx_xxxxxxxxxxxxxxxxx.xpredictiveAlto
81Filexxxxxxxxx.xxxpredictiveAlto
82Filexxxxxxxxxx.xxxpredictiveAlto
83Filexxx_xxx.xxpredictiveMedio
84Filexxxxxxxxx.xxxpredictiveAlto
85Filexxxxxxxxxxxxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
86Filexxxxx/xxx/xxxx/xxxxx-xxx-xxx.xpredictiveAlto
87Filexx_xxxxxxxxxxx.xpredictiveAlto
88Filexx_xxxxxxxxxxxxxxx.xpredictiveAlto
89Filexxxxxxx.xpredictiveMedio
90Filexxxx-xxxxxxx.xxxpredictiveAlto
91Filexxx.xpredictiveBajo
92Filexxx_xxxxxx.xpredictiveMedio
93Filexxxxxx-xxxxx.xxxpredictiveAlto
94Filexxxxxx-xxxxxxxx.xxxpredictiveAlto
95Filexxxxxxxxxxxxxxxxxx.xxxxpredictiveAlto
96Filexxxxxxx/xx/xxxx/xxx/xxxxxx/xxxxxxxxx.xxpredictiveAlto
97File_xxxxxxxxxx.xpredictiveAlto
98Libraryxxxx/xxx/xxxxxxx/xxx/xxxx.xpredictiveAlto
99Libraryxxxxxxx/xxxxx/xxx.xpredictiveAlto
100Libraryxxxxxxx/xxxxx/xxxx.xpredictiveAlto
101Libraryxxxxxxx/xxx/xxxx_xxx.xpredictiveAlto
102Libraryxxx/xxx_xxxx.xpredictiveAlto
103Libraryxxx/xxxxxxxxxxxx.xpredictiveAlto
104Libraryxxx/xxxx_xxxxx.xpredictiveAlto
105Libraryxxx/xxxxxxxx.xpredictiveAlto
106Libraryxxx/xxx_xxxx.xpredictiveAlto
107Libraryxxx/xxxpredictiveBajo
108Libraryxxx/xxxxxxxx.xpredictiveAlto
109Libraryxxxx.xpredictiveBajo
110Libraryxxxxx.xxxpredictiveMedio
111Argumentxxxxx_xxpredictiveMedio
112Argumentxxxxxxxxxxxxx/xxxxxxxxxpredictiveAlto
113Argumentxx-xxxxxxpredictiveMedio
114ArgumentxxxxxxxxpredictiveMedio
115ArgumentxxxxxxxxpredictiveMedio
116Argumentxx_xxxx_xxxpredictiveMedio
117ArgumentxxxxxxxxxxxpredictiveMedio
118Argumentxxxxxx_xxxxpredictiveMedio
119Argumentx_xxxxpredictiveBajo
120ArgumentxxxxpredictiveBajo
121ArgumentxxpredictiveBajo
122ArgumentxxpredictiveBajo
123Argumentxxx_xxpredictiveBajo
124Argumentxxxxx_xxxpredictiveMedio
125ArgumentxxxxxxxpredictiveBajo
126Argumentxxxx_xxxxpredictiveMedio
127Argumentxxx_xxxxxxpredictiveMedio
128Argumentxxx.xxpredictiveBajo
129ArgumentxxxxxxpredictiveBajo
130Argumentxxx_xxxxxxpredictiveMedio
131Argumentxx_xxxxx_xxxxxxxpredictiveAlto
132Argumentxxxx_xxxxxx_xxxxxpredictiveAlto
133ArgumentxxxxxxxpredictiveBajo
134Argumentxxxxxxxx/xxxxxxpredictiveAlto
135ArgumentxxxxxxxxxxxpredictiveMedio
136Argumentxxxx_xxxxxxx_xxxxpredictiveAlto
137Argumentxxxx/xxxxxxxxpredictiveAlto
138Argumentxxxxxxx xxxx/xxxxxxx xxxxpredictiveAlto
139Argumentxxxx_xxpredictiveBajo
140ArgumentxxxxxpredictiveBajo
141Argumentxxxxxx xxxxxpredictiveMedio
142Argumentxxxxxxxx/xxxxxxxx/xxxxx_xxxxxxxx/xxxxx_xxxxxxxxpredictiveAlto
143Argumentxxxx_xxxxxpredictiveMedio
144Argumentxxxx_xxpredictiveBajo
145Argumentxxxx_xxxxpredictiveMedio
146ArgumentxxxxxpredictiveBajo
147Argumentx-xxxxxxxxx-xxxpredictiveAlto
AnteriorVisión De ConjuntoPróximo

Interested in the pricing of exploits?

See the underground prices here!