Chalubo Analysis

IOB - Indicator of Behavior (45)

Language

en: 38
zh: 6
de: 2

Country

cn: 28
us: 14
de: 2

Product

Joomla CMS: 4
Forcepoint Email Security: 2
Dovecot: 2
Apache Sling: 2
QNAP QTS: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Cisco Unified Communications Manager TLS Certificate weak encryption | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00110 | 0.00 | CVE-2014-7991 |
| 2 | Mobile Device Monitoring Service API privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00151 | 0.00 | CVE-2022-0732 |
| 3 | Deltek Vision RPC over HTTP SQL sql injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00576 | 0.03 | CVE-2018-18251 |
| 4 | Kerio Connect/Connect Client Desktop Application E-Mail Preview privilege escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00185 | 0.05 | CVE-2017-7440 |
| 5 | Google Chrome V8 privilege escalation | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00082 | 0.05 | CVE-2024-0518 |
| 6 | Google Chrome V8 information disclosure | 7.5 | 7.4 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00179 | 0.00 | CVE-2024-0519 |
| 7 | Fortinet FortiWeb Authorization Header sql injection | 7.7 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00131 | 0.05 | CVE-2020-29015 |
| 8 | Ignition Automation Ignition JavaSerializationCodec privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00065 | 0.03 | CVE-2023-39476 |
| 9 | QNAP QTS Photo Station privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | High | Official Fix | 0.96341 | 0.06 | CVE-2019-7192 |
| 10 | Hikvision Hybrid SAN Web Module privilege escalation | 8.2 | 8.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.26770 | 0.05 | CVE-2022-28171 |
| 11 | Synacor Zimbra Collaboration mboximport directory traversal | 4.7 | 4.5 | $0-$5k | $0-$5k | High | Official Fix | 0.94758 | 0.03 | CVE-2022-27925 |
| 12 | Gitblit directory traversal | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00773 | 0.07 | CVE-2022-31268 |
| 13 | Open Webmail openwebmail-main.pl cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00249 | 0.00 | CVE-2007-4172 |
| 14 | Johannes Sixt Kdbg .kdbgrc privilege escalation | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2003-0644 |
| 15 | Litespeed Technologies OpenLiteSpeed Web Server Dashboard directory traversal | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00071 | 0.04 | CVE-2022-0072 |
| 16 | Dovecot Quoted String buffer overflow | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61388 | 0.04 | CVE-2019-11500 |
| 17 | MODX CMS modRestServiceRequest XML External Entity | 7.3 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00236 | 0.00 | CVE-2020-25911 |
| 18 | RoundCube sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00435 | 0.03 | CVE-2021-44026 |
| 19 | Valmet DNA Service Port 1517 privilege escalation | 9.3 | 9.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00154 | 0.00 | CVE-2021-26726 |
| 20 | WordPress URL privilege escalation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00712 | 0.00 | CVE-2019-17670 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

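| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 103.27.185.139 | | Chalubo | | 24/01/2022 | verified | Medium |
| 2 | XXX.XX.XXX.XX | | Xxxxxxx | | 24/01/2022 | verified | Medium |
| 3 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 30/05/2024 | verified | Very High |
| 4 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 30/05/2024 | verified | Very High |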

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

