Denonia Analisi

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (106)

Linguaggio

en	26
it	20
pt	16
fr	8
de	8

Nazione

de	106

Attori

Denonia	2

Interesse

Genere

Not Defined	16
Content Management System	2

Fornitore

Not Defined	12
LabVantage	2
BACKCLICK	2
CIMTechniques	2

Prodotto

Serpico	8
WordPress	2
LabVantage LIMS	2
BACKCLICK Professional	2
QuickBox Pro	2

Vulnerabilità

#	Vulnerabilità	Base	Temp	0day	Oggi	Sfr	Con	EPSS	CTI	CVE
1	Zoom Screen Sharing rivelazione di un 'informazione	4.8	4.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00183	0.00	CVE-2021-28133
2	Serpico cross site request forgery	6.5	6.2	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00073	0.03	CVE-2019-19854
3	TopManage OLK Session Cookie cross site scripting	5.2	4.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00291	0.00	CVE-2020-6845
4	Serpico escalazione di privilegi	5.3	4.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00084	0.04	CVE-2019-19859
5	BACKCLICK Professional cross site scripting	4.8	4.7	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00063	0.04	CVE-2022-44002
6	Serpico Password Change rivelazione di un 'informazione	6.4	5.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00072	0.00	CVE-2019-19857
7	LabVantage LIMS Database Name rivelazione di un 'informazione	5.3	4.8	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.03584	0.00	CVE-2020-7959
8	Serpico list_user Stored cross site scripting	3.6	3.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00050	0.00	CVE-2019-19856
9	CIMTechniques CIMScan SOAP WSDL Parser GetSqlData sql injection	8.4	8.4	$0-$5k	$0-$5k	High	Not Defined	0.00256	0.02	CVE-2018-16803
10	Serpico list_user Stored cross site scripting	3.6	3.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00050	0.04	CVE-2019-19855
11	Jason2605 AdminPanel editPlayer.php sql injection	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00127	0.00	CVE-2020-13433
12	Serpico UID Stored cross site scripting	3.6	3.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00050	0.04	CVE-2019-19858
13	QuickBox Pro cross site scripting	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00078	0.00	CVE-2021-45281
14	PHP Scripts Mall Citysearch Clone Script restaurants-details.php Reflected cross site scripting	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00070	0.00	CVE-2019-6248
15	WordPress Thumbnail escalazione di privilegi	7.5	7.5	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00990	0.03	CVE-2018-1000773
16	Automattic Jetpack sql injection	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.00064	0.02	CVE-2011-4673
17	Apache Tomcat Servlets escalazione di privilegi	5.9	5.8	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00110	0.02	CVE-2018-1305

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	indirizzo IP	Hostname	Attore	Identified	Genere	Fiducia
1	116.203.4.0	static.0.4.203.116.clients.your-server.de	Denonia	07/04/2022	verified	Alto
2	XXX.XXX.XX.XX	xxxxx.xxxx.xxxx.xx	Xxxxxxx	07/04/2022	verified	Alto
3	XXX.XX.XXX.XX	x.xx.xxxxxxx.xxx	Xxxxxxx	07/04/2022	verified	Alto

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Classe	Vulnerabilità	Accesso al vettore	Genere	Fiducia
1	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	Alto
2	TXXXX	CAPEC-19	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
3	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
4	TXXXX	CAPEC-102	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
5	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Genere	Fiducia
1	File	admin/add_user/UID	predictive	Alto
2	File	admin/list_user	predictive	Alto
3	File	xxxxxxxxxxxxx.xxx?xxxxxxxxxx=xxx	predictive	Alto
4	File	xxxxxxxxxx.xxx	predictive	Alto
5	File	xxxxxxxxxxx-xxxxxxx.xxx	predictive	Alto
6	Argument	xxxxxx	predictive	Basso
7	Argument	xxxx_xxxx	predictive	Media
8	Argument	xxxxxx	predictive	Basso
9	Argument	xx	predictive	Basso
10	Argument	xxxx	predictive	Basso
11	Argument	xxxx	predictive	Basso

Referenze (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PrecedenteVisione D'insiemeIl prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!