Sector Hostingprovider

Timeframe: -28 days

Default Categories (69): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Atlassian Confluence Plugin, Atlassian Jira App Software, Backup Software, Billing Software, Bug Tracking Software, Calendar Software, Chat Software, Cloud Software, Communications System, Connectivity Software, Content Management System, Continuous Integration Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Reader Software, Domain Name Software, E-Commerce Management Software, File Compression Software, File Transfer Software, Firewall Software, Firmware Software, Groupware Software, Hardware Driver Software, Information Management Software, JavaScript Library, Joomla Component, Log Management Software, Mail Client Software, Mail Server Software, Mailing List Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Network Utility Software, Office Suite Software, Operating System, Operating System Utility Software, Packet Analyzer Software, Printing Software, Product Lifecycle Management Software, Programming Language Software, Programming Tool Software, Project Management Software, Remote Access Software, Router Operating System, Server Management Software, Service Management Software, Software Library, Software Management Software, Spreadsheet Software, SSH Server Software, Testing Software, Ticket Tracking Software, Versioning Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Word Processing Software, WordPress Plugin

Timeline

Vendor

Product

Apple macOS: 70
Microsoft Windows: 54
Linux Kernel: 26
Google Chrome: 22
Microsoft Edge: 22

Countermeasures

Official Fix: 450
Temporary Fix: 0
Workaround: 2
Unavailable: 4
Not Defined: 380

Exploitability

High: 0
Functional: 2
Proof-of-Concept: 64
Unproven: 64
Not Defined: 706

Access Vector

Not Defined: 0
Physical: 4
Local: 146
Adjacent: 92
Network: 594

Authentication

Not Defined: 0
High: 96
Low: 452
None: 288

User Interaction

Not Defined: 0
Required: 400
None: 436

C3BM Index

CVSSv3 Base

≤1: 0
≤2: 0
≤3: 28
≤4: 154
≤5: 224
≤6: 178
≤7: 134
≤8: 72
≤9: 36
≤10: 10

CVSSv3 Temp

≤1: 0
≤2: 0
≤3: 32
≤4: 170
≤5: 236
≤6: 226
≤7: 78
≤8: 76
≤9: 10
≤10: 8

VulDB

≤1: 0
≤2: 0
≤3: 70
≤4: 168
≤5: 218
≤6: 140
≤7: 136
≤8: 68
≤9: 28
≤10: 8

NVD

≤1: 836
≤2: 0
≤3: 0
≤4: 0
≤5: 0
≤6: 0
≤7: 0
≤8: 0
≤9: 0
≤10: 0

CNA

≤1: 614
≤2: 0
≤3: 4
≤4: 10
≤5: 54
≤6: 56
≤7: 30
≤8: 34
≤9: 20
≤10: 14

Vendor

≤1: 772
≤2: 0
≤3: 0
≤4: 2
≤5: 0
≤6: 6
≤7: 14
≤8: 22
≤9: 18
≤10: 2

Exploit 0-day

<1k: 98
<2k: 414
<5k: 104
<10k: 72
<25k: 52
<50k: 72
<100k: 24
≥100k: 0

Exploit Today

<1k: 432
<2k: 218
<5k: 70
<10k: 46
<25k: 70
<50k: 0
<100k: 0
≥100k: 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en: 906
it: 52
de: 12
fr: 12
es: 8

Country

us: 162
it: 72
hu: 34
gb: 26
in: 20

Actors

Activities

Interest

Timeline

Type

Vendor

Product

Linux Kernel: 10
IObit Malware Fighter: 10
SourceCodester E-Commerce System: 10
SourceCodester Alphaware Simple E-Commerce System: 6
Apple macOS: 6

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Con | CTI | EPSS | CVE
1 | Zhong Bang CRMEB Java list getAdminList sql injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 5.21 | 0.00063 | CVE-2023-1608
2 | zwczou WeChat SDK Python to_xml XML External Entity | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.61 | 0.00063 | CVE-2018-25082
3 | 404like Plugin 404Like.php checkPage sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.56 | 0.00058 | CVE-2012-10009
4 | Zoho ManageEngine OpManager XML File XML External Entity | 5.4 | 5.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.62 | +0.00000 | CVE-2022-43473
5 | SourceCodester E-Commerce System Username privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.65 | 0.00091 | CVE-2023-1557
6 | SNIProxy Wildcard Backend Host buffer overflow | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.57 | +0.00000 | CVE-2023-25076
7 | Dreamer CMS File Upload cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.54 | +0.00000 | CVE-2023-1746
8 | Infoline Project Management System privilege escalation | 6.9 | 6.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.54 | +0.00000 | CVE-2023-1725
9 | DriverGenius IOCTL mydrivers64.sys 0x9C402088 buffer overflow | 7.8 | 7.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.52 | 0.00045 | CVE-2023-1676
10 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E004 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.24 | 0.00064 | CVE-2023-1646
11 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E008 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.25 | 0.00045 | CVE-2023-1645
12 | IObit Malware Fighter IOCTL ImfHpRegFilter.sys 0x8001E040 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.15 | 0.00045 | CVE-2023-1643
13 | DriverGenius IOCTL mydrivers64.sys 0x9c402084 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.58 | 0.00045 | CVE-2023-1677
14 | DriverGenius IOCTL mydrivers64.sys 0x9C40A0E0 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.61 | 0.00045 | CVE-2023-1678
15 | DriverGenius IOCTL mydrivers64.sys 0x9C40A108 buffer overflow | 5.3 | 4.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.53 | 0.00045 | CVE-2023-1679
16 | AnyMailing Plugin Template cross site scripting | 5.7 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 1.11 | 0.00000 | CVE-2023-28733
17 | IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222040 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.12 | 0.00045 | CVE-2023-1642
18 | Watchdog Anti-Virus IoControlCode wsdk-driver.sys 0x80002008 privilege escalation | 4.4 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.16 | 0.00042 | CVE-2023-1453
19 | IObit Malware Fighter IOCTL IMFCameraProtect.sys 0x8018E010 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.15 | 0.00045 | CVE-2023-1644
20 | IObit Malware Fighter IOCTL ObCallbackProcess.sys 0x222010 denial of service | 5.5 | 5.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 1.02 | 0.00045 | CVE-2023-1640

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

ID | IP range | Actor | Type | Confidence
1 | 51.83.254.0/24 | Bumblebee | predictive | High
2 | XX.XXX.XXX.X/XX | Xxxxxxx | predictive | High
3 | XX.XX.XXX.X/XX | Xxxxxxxx | predictive | High
4 | XX.XXX.XXX.X/XX | Xxxxxx | predictive | High
5 | XXX.XXX.XX.X/XX | Xxxxxx | predictive | High

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (179)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /admin | predictive | Low
2 | File | /admin/delete_user.php | predictive | High
3 | File | /ajax/update_certificate | predictive | High
4 | File | /alphaware/details.php | predictive | High
5 | File | /api/admin/store/product/list | predictive | High
6 | File | /api/admin/store/product/save | predictive | High
7 | File | /api/admin/system/store/order/list | predictive | High
8 | File | /api/admin/user/list | predictive | High
9 | File | /api/upload | predictive | Medium
10 | File | /batm/app/admin/standalone/deployments | predictive | High
11 | File | /bookstore/bookPerPub.php | predictive | High
12 | File | /config/myfield/test.php | predictive | High
13 | File | /dayrui/Fcms/View/system_log.html | predictive | High
14 | File | /dayrui/My/Config/Install.txt | predictive | High
15 | File | /dayrui/My/View/main.html | predictive | High
16 | File | /dede/group_store.php | predictive | High
17 | File | /dev/infiniband/rdma_cm | predictive | High
18 | File | /ecommerce/admin/category/controller.php | predictive | High
19 | File | /ecommerce/admin/settings/setDiscount.php | predictive | High
20 | File | /ecommerce/admin/user/controller.php?action=edit | predictive | High
21 | File | /Sys/index.html | predictive | High
22 | File | /wp-content/plugins/wordpress-simple-paypal-shopping-cart/includes/admin/ | predictive | High
