Center-2 Analysis

IOB - Indicator of Behavior (366)

Language: en 330, fr 14, de 12, zh 4, es 2

Country: fr 318, it 18, cn 14, us 10, gb 4

Product: Google Android 26, Cisco Unified Communications Manager 8, Huawei Mate 30 8, Microsoft Windows 6, Huawei Mate 20 6

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Con | EPSS | CTI | CVE
1 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00000 | 2.76 | 
2 | FLDS redir.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.00203 | 0.02 | CVE-2008-5928
3 | Sonatype Nexus Repository Manager OSS Admin Panel privilege escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00044 | 0.03 | CVE-2022-31289
4 | EPiServer Ektron CMS content.aspx cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00455 | 0.02 | CVE-2016-6201
5 | Huawei Smart Phones Moana-AL00B denial of service | 4.4 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00055 | 0.00 | CVE-2020-9227
6 | Huawei Taurus-AL00A Message buffer overflow | 5.5 | 5.5 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00055 | 0.00 | CVE-2020-9093
7 | Huawei Mate 20 information disclosure | 4.0 | 3.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00069 | 0.00 | CVE-2020-9109
8 | Huawei WS5800-10 Message denial of service | 5.0 | 5.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00058 | 0.00 | CVE-2020-9230
9 | Huawei Mate 30 privilege escalation | 7.0 | 6.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00067 | 0.00 | CVE-2020-9261
10 | Huawei Mate 30/Mate 30 Pro information disclosure | 4.4 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00064 | 0.00 | CVE-2020-1801
11 | Apple iPhone malloc privilege escalation | 6.3 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00100 | 0.04 | CVE-2019-9536
12 | vBulletin redirector.php Redirect | 6.6 | 6.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00122 | 0.45 | CVE-2018-6200
13 | Xitex Xitex WebContent M1 redirect.do cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00192 | 0.03 | CVE-2008-1209
14 | phpPgAds adclick.php unknown vulnerability | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00317 | 0.78 | CVE-2005-3791
15 | phpMyAdmin Redirect url.php privilege escalation | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00764 | 0.06 | CVE-2015-7873
16 | Huawei OceanStor 5600 SSH Key weak authentication | 7.4 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Workaround | 0.00073 | 0.03 | CVE-2016-8754
17 | Huawei HiSuite Library Loader privilege escalation | 6.5 | 6.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 0.00 | CVE-2016-8274
18 | Cisco NX-OS buffer overflow | 5.3 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00220 | 0.00 | CVE-2017-3879
19 | NVIDIA Windows GPU Display Driver Kernel Mode Layer denial of service | 4.4 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.00 | CVE-2017-0320
20 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02016 | 0.02 | CVE-2007-1192

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 80.211.35.111 | host111-35-211-80.serverdedicati.aruba.it | Center-2 | | 22/07/2021 | verified | High
2 | (masked) | (masked) | (masked) | | 22/07/2021 | verified | High
3 | (masked) | | (masked) | | 22/07/2021 | verified | High
4 | (masked) | (masked) | (masked) | | 22/07/2021 | verified | Medium

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities | Access Vector | Type | Confidence
1 | T1006 | CWE-22 | Path Traversal | predictive | High
2 | T1040 | CWE-294 | Authentication Bypass by Capture-replay | predictive | High
3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High

Entries 5 to 20 are masked in the source (all listed as predictive with High confidence).

IOA - Indicator of Attack (83)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /ctpms/admin/?page=applications/view_application | predictive | High
2 | File | /docs/captcha_(number).jpeg | predictive | High
3 | File | /etc/keystone/user-project-map.json | predictive | High
4 | File | /forum/away.php | predictive | High
5 | File | /horde/util/go.php | predictive | High
6 | File | /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c | predictive | High
7 | File | /spip.php | predictive | Medium
8 | File | /webapps/Bb-sites-user-profile-BBLEARN/profile.form | predictive | High
9 | File | /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php | predictive | High
10 | File | action/addproject.php | predictive | High

Entries 11 to 83 are masked in the source; their classes are File (11 to 51), Library (52 to 54), Argument (55 to 80), Input Value (81) and Network Port (82 and 83), all listed as predictive with High, Medium or Low confidence.

References (2)

The following list contains external sources which discuss the actor and the associated activities:
