Generic Analisi

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (70)

Linguaggio

en	52
pl	14
de	2
zh	2

Nazione

pl	30
us	14
cn	4
de	2
ru	2

Attori

Generic	8
Meterpreter	2
XLoader	1
Cobalt Strike	1
LokiBot	1

Interesse

Genere

Not Defined	26
Network Utility Software	4
Firewall Software	2
Programming Language Software	2
Router Operating System	2

Fornitore

Not Defined	20
Microsoft	4
VWar	4
Cisco	2
F5	2

Prodotto

VWar Virtual War	4
cURL	4
libcURL	4
Cisco HyperFlex HX Data Platform	2
F5 BIG-IP	2

Vulnerabilità

#	Vulnerabilità	Base	Temp	0day	Oggi	Sfr	Con	EPSS	CTI	CVE
1	cURL/libcURL Cookie File stat race condition	4.7	4.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00043	0.02	CVE-2023-32001
2	Hypersilence Silentum Guestbook silentum_guestbook.php sql injection	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00107	0.08	CVE-2009-4687
3	F5 BIG-IP Configuration Utility directory traversal	9.3	9.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00321	0.07	CVE-2023-41373
4	Google WebP libwebp buffer overflow	7.5	7.4	$5k-$25k	$0-$5k	High	Official Fix	0.49095	0.04	CVE-2023-4863
5	ZyXEL P660HN-T1A Remote System Log Forwarder ViewLog.asp escalazione di privilegi	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.97521	0.03	CVE-2017-18368
6	SailPoint IdentityIQ Lifecycle Manager escalazione di privilegi	5.8	5.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00043	0.03	CVE-2024-1714
7	Bricks Plugin autenticazione debole	7.3	7.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.02	CVE-2024-25600
8	agnivade easy-scrypt scrypt.go VerifyPassphrase rivelazione di un 'informazione	3.5	3.5	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00188	0.04	CVE-2014-125055
9	GNU C Library __vsyslog_internal buffer overflow	7.8	7.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00770	0.16	CVE-2023-6246
10	Apache Tomcat Commons FileUpload denial of service	5.5	5.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00045	0.03	CVE-2023-42794
11	HP Integrated Lights-Out IPMI Protocol escalazione di privilegi	8.2	8.0	$5k-$25k	$0-$5k	High	Workaround	0.27196	0.02	CVE-2013-4786
12	Microsoft Outlook autenticazione debole	9.0	8.6	$5k-$25k	$0-$5k	Functional	Official Fix	0.92353	0.08	CVE-2023-23397
13	DZCP deV!L`z Clanportal config.php escalazione di privilegi	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.87	CVE-2010-0966
14	Tiki Admin Password tiki-login.php autenticazione debole	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00936	3.07	CVE-2020-15906
15	Proofpoint Enterprise Protection AdminUI cross site scripting	5.2	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00052	0.00	CVE-2023-5771
16	Microsoft Exchange Server Privilege Escalation	8.0	7.3	$5k-$25k	$5k-$25k	Unproven	Official Fix	0.00065	0.01	CVE-2023-36756
17	Apache Log4j Chainsaw/SocketAppender denial of service	5.5	5.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00206	0.00	CVE-2023-26464
18	Fortinet FortiSandbox HTTP Request directory traversal	7.4	7.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00094	0.00	CVE-2023-41682
19	Oracle MySQL Workbench denial of service	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00303	0.00	CVE-2023-0215
20	Cacti Regular Expression sql injection	5.5	5.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00112	0.07	CVE-2023-39365

IOC - Indicator of Compromise (33)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	indirizzo IP	Hostname	Attore	Identified	Genere	Fiducia
1	52.15.72.79	ec2-52-15-72-79.us-east-2.compute.amazonaws.com	Generic	08/04/2022	verified	Media
2	52.15.194.28	ec2-52-15-194-28.us-east-2.compute.amazonaws.com	Generic	08/04/2022	verified	Media
3	52.72.89.116	ec2-52-72-89-116.compute-1.amazonaws.com	Generic	08/04/2022	verified	Media
4	52.204.47.183	ec2-52-204-47-183.compute-1.amazonaws.com	Generic	08/04/2022	verified	Media
5	64.98.145.30	url.hover.com	Generic	08/04/2022	verified	Alto
6	67.228.43.214	d6.2b.e443.ip4.static.sl-reverse.com	Generic	08/04/2022	verified	Alto
7	68.65.121.51	strategic.com.ua	Generic	08/04/2022	verified	Alto
8	XX.XX.XX.XX	xxxxxxxxx-x.xxxxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
9	XX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxx.xxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
10	XX.XX.XXX.XXX	xxxxx.xxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
11	XX.XXX.XXX.XX		Xxxxxxx	08/04/2022	verified	Alto
12	XXX.XX.XX.XX		Xxxxxxx	08/04/2022	verified	Alto
13	XXX.XX.XXX.XX		Xxxxxxx	08/04/2022	verified	Alto
14	XXX.XX.XXX.XXX		Xxxxxxx	08/04/2022	verified	Alto
15	XXX.XXX.XX.XX	xx-xxx-xxx-xx-xx.xxxxxx.xxxxxxxxxxxx.xxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
16	XXX.XXX.XXX.XXX	xxxxxx.xxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
17	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxx.xxxxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
18	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx-xxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
19	XXX.XXX.XXX.XXX		Xxxxxxx	08/04/2022	verified	Alto
20	XXX.XXX.XXX.XXX	xx-xx-xxxx.xxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
21	XXX.XX.XXX.XX		Xxxxxxx	08/04/2022	verified	Alto
22	XXX.XX.XXX.XX	xxxxxx.xxxxxxx.xx	Xxxxxxx	08/04/2022	verified	Alto
23	XXX.XXX.XXX.XXX	xx-xxx-xxx-xxx-xxx.xx.xxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
24	XXX.XXX.XXX.XX	xxxx-xxxxxxx-xxxxxxx.xxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
25	XXX.XX.XXX.XXX		Xxxxxxx	08/04/2022	verified	Alto
26	XXX.XX.XXX.XXX		Xxxxxxx	08/04/2022	verified	Alto
27	XXX.XXX.XXX.XXX	xx.xxxxxxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
28	XXX.XX.XX.XXX	xxx-xx-xx-xxx.xxx.xxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
29	XXX.XXX.XXX.XXX	xxx-xxx-xxx-xxx.xxxxxxxx.xxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
30	XXX.XX.XXX.XX	xxxxxxxx.xxx.xxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
31	XXX.XX.XXX.XX	xxxxxxxxx.xxxxxxxxxxxxx.xxx	Xxxxxxx	08/04/2022	verified	Alto
32	XXX.XXX.XX.XX		Xxxxxxx	08/04/2022	verified	Alto
33	XXX.XXX.XXX.XXX		Xxxxxxx	08/04/2022	verified	Alto

TTP - Tactics, Techniques, Procedures (13)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilità	Accesso al vettore	Genere	Fiducia
1	T1006	CWE-22	Path Traversal	predictive	Alto
2	T1040	CWE-294	Authentication Bypass by Capture-replay	predictive	Alto
3	T1059	CWE-94	Argument Injection	predictive	Alto
4	TXXXX.XXX	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Alto
5	TXXXX	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
6	TXXXX	CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Alto
7	TXXXX.XXX	CWE-XXX	Xxxx Xxxxxxxx	predictive	Alto
8	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Alto
9	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
10	TXXXX	CWE-XXX	Xxxxxxxxx Xxxxxx Xxxx	predictive	Alto
11	TXXXX.XXX	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
12	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto
13	TXXXX	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	Alto

IOA - Indicator of Attack (32)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Genere	Fiducia
1	File	/accountancy/admin/accountmodel.php	predictive	Alto
2	File	/apply_noauth.cgi	predictive	Alto
3	File	/dev/mapper/control	predictive	Alto
4	File	announcements.php	predictive	Alto
5	File	xxxxxxxx.xxx	predictive	Media
6	File	xxxxxxxxxxxx_xxxx.xxx	predictive	Alto
7	File	xxx/xxxxxx.xxx	predictive	Alto
8	File	xxxxxxx.xxx	predictive	Media
9	File	xxxxx.xxx	predictive	Media
10	File	xxxxxxxx/xxxxxxxxx	predictive	Alto
11	File	xxxxxxxx.xxx	predictive	Media
12	File	xxxxxxxx.xxx	predictive	Media
13	File	xxxx_xxx.x	predictive	Media
14	File	xxxxxx.xx	predictive	Media
15	File	xxxxxxxx_xxxxxxxxx.xxx	predictive	Alto
16	File	xxxx-xxxxx.xxx	predictive	Alto
17	File	xxxxxxx.xxx	predictive	Media
18	File	xxx.xxx	predictive	Basso
19	File	xx-xxxxxxxx/xxxxxxx-xxxxxxxx.xxx	predictive	Alto
20	File	xxxx/xxxx_xxxxxx.x	predictive	Alto
21	Argument	xxxxxxxxxxx	predictive	Media
22	Argument	xxxxxxxx	predictive	Media
23	Argument	xxxxxxxx	predictive	Media
24	Argument	xxxx	predictive	Basso
25	Argument	xxxxx	predictive	Basso
26	Argument	xxxx_xxxx	predictive	Media
27	Argument	xxxxxxxxx	predictive	Media
28	Argument	xxxxx	predictive	Basso
29	Argument	xxxxxxx_xxx	predictive	Media
30	Argument	xxxxxx_xxxx	predictive	Media
31	Argument	xxxxxxxxx	predictive	Media
32	Argument	xxxxxxx	predictive	Basso

Referenze (9)

The following list contains external sources which discuss the actor and the associated activities:

◂ PrecedenteVisione D'insiemeIl prossimo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!