Nodster Analyse

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (5)

Chronologie

Langue

en6

De campagne

us4
de2

Acteurs

Divergent1

Activités

Intérêt

Chronologie

Taper

Not Defined4
Smartphone Operating System2

Fournisseur

Not Defined2
Extreme Networks2
Samsung2

Produit

PixelYourSite Plugin2
Extreme Networks ExtremeWireless Aerohive HiveOS2
Extreme Networks IQ Engine2
Samsung Galaxy2

Vulnérabilités

#VulnérabilitéBaseTemp0dayAujourd'huiExpConEPSSCTICVE
1SSL-Explorer redirect.do buffer overflow4.64.2$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.001660.00CVE-2007-2907
2Extreme Networks ExtremeWireless Aerohive HiveOS/IQ Engine NetConfig UI Administrative Interface elévation de privilèges8.88.8$0-$5k$0-$5kNot DefinedNot Defined0.829140.04CVE-2020-16152
3DZCP deV!L`z Clanportal browser.php divulgation de l'information5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.027330.53CVE-2007-1167
4PixelYourSite Plugin cross site scripting4.84.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000550.00CVE-2018-0578
5Samsung Galaxy OMACP Message Config elévation de privilèges7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.001150.00CVE-2016-7991

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDadresse IPHostnameActeurCampagnesIdentifiedTaperConfiance
1176.9.117.194static.194.117.9.176.clients.your-server.deNodster02/10/2019verifiedÉlevé

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClasseVulnérabilitésVecteur d'accèsTaperConfiance
1T1059CAPEC-242CWE-94Argument InjectionpredictiveÉlevé
2TXXXX.XXXCAPEC-209CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveÉlevé
3TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveÉlevé

IOA - Indicator of Attack (4)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorTaperConfiance
1Fileinc/filebrowser/browser.phppredictiveÉlevé
2Filexxxxxxxx.xxpredictiveMoyen
3ArgumentxxxxpredictiveFaible
4ArgumentxxxxxxxxxpredictiveMoyen

Références (2)

The following list contains external sources which discuss the actor and the associated activities:

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!