Settore Policeinfo

Timeframe: -28 days

Default Categories (69): Access Management Software, Android App Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Asset Management Software, Audio Processing Software, Backup Software, Big Data Software, Business Process Management Software, Calendar Software, Chat Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Learning Management Software, Mail Client Software, Mail Server Software, Messaging Software, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Authentication Software, Network Camera Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Operating System Utility Software, Packet Analyzer Software, Photo Gallery Software, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, Server Management Software, Service Management Software, Smartphone Operating System, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Sequenza temporale

Fornitore

Prodotto

Linux Kernel86
Microsoft Windows86
Google Chrome36
D-Link DIR-605L28
Juniper Junos OS Evolved24

Contromisure

Official Fix466
Temporary Fix0
Workaround2
Unavailable0
Not Defined200

Sfruttabilità

High2
Functional2
Proof-of-Concept66
Unproven96
Not Defined502

Accesso al vettore

Not Defined0
Physical10
Local86
Adjacent144
Network428

Autenticazione

Not Defined0
High62
Low360
None246

Interazione dell'utente

Not Defined0
Required174
None494

C3BM Index

CVSSv3 Base

≤10
≤20
≤310
≤438
≤5108
≤6132
≤7140
≤8148
≤990
≤102

CVSSv3 Temp

≤10
≤20
≤314
≤434
≤5126
≤6180
≤7124
≤8120
≤968
≤102

VulDB

≤10
≤20
≤328
≤464
≤5110
≤6114
≤7164
≤8102
≤984
≤102

NVD

≤1566
≤20
≤30
≤42
≤54
≤638
≤74
≤826
≤928
≤100

CNA

≤1324
≤20
≤36
≤44
≤530
≤652
≤758
≤874
≤9100
≤1020

Fornitore

≤1570
≤20
≤30
≤40
≤50
≤610
≤724
≤844
≤920
≤100

Exploiter 0 giorni

<1k52
<2k78
<5k172
<10k56
<25k136
<50k90
<100k70
≥100k14

Exploiter aujourd'hui

<1k210
<2k112
<5k172
<10k56
<25k104
<50k14
<100k0
≥100k0

Sfrutta il volume del mercato

IOB - Indicator of Behavior (1000)

Sequenza temporale

Linguaggio

en908
de48
ru8
ar6
sv6

Nazione

Attori

Attività

Interesse

Sequenza temporale

Genere

Fornitore

Prodotto

D-Link DIR-605L16
Microsoft Edge6
code-projects Pharmacy Management System6
code-projects Hospital Management System4
D-Link DIR-619L B14

Vulnerabilità

#VulnerabilitàBaseTemp0dayOggiSfrConEPSSCTICVE
1Tecno 4G Portable WiFi TR118 SMS Check goform_get_cmd_process sql injection4.74.5$0-$5k$0-$5kProof-of-ConceptNot Defined0.000005.35-CVE-2024-10195
2PHPGurukul IFSC Code Finder Project search.php cross site scripting3.53.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000003.84CVE-2024-10192
3code-projects Hospital Management System get_doctor.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000002.73CVE-2024-10170
4code-projects Hospital Management System change-password.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000002.65CVE-2024-10169
5code-projects Pharmacy Management System manage_invoice.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.26CVE-2024-10136
6code-projects Pharmacy Management System manage_supplier.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.36CVE-2024-10140
7code-projects Pharmacy Management System add_new_purchase.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.33CVE-2024-10138
8code-projects Pharmacy Management System manage_medicine.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.23CVE-2024-10137
9code-projects Pharmacy Management System add_new_supplier.php sql injection6.36.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.49CVE-2024-10139
10Topdata Inner Rep Plus WebServer td.js.gz crittografia debole2.72.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000452.67CVE-2024-10128
11Topdata Inner Rep Plus WebServer Operator Details Form InnerRepPlus.html rivelazione di un 'informazione2.72.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.000452.46CVE-2024-10122
12code-projects Crud Operation System delete.php sql injection7.36.6$0-$5k$0-$5kProof-of-ConceptNot Defined0.001651.01CVE-2024-9812
13Oracle WebLogic Server Core autenticazione debole9.89.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.001480.96CVE-2024-21216
14Google Chrome AI buffer overflow6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000610.51CVE-2024-9954
15Google Chrome ParcelTracking buffer overflow6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.15CVE-2024-9961
16kubernetes-sigs image-builder Proxmox Provider Remote Code Execution9.89.8$0-$5k$0-$5kNot DefinedNot Defined0.000450.37CVE-2024-9486
17Google Chrome WebAuthentication buffer overflow6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.05CVE-2024-9955
18Google Chrome DevTools buffer overflow6.36.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000430.42CVE-2024-9959
19Microsoft Edge4.34.2$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000460.69CVE-2024-43577
20OpenSSL Elliptic Curve API EC_GROUP_new_curve_GF2m buffer overflow7.37.0$25k-$100k$5k-$25kNot DefinedOfficial Fix0.000440.28CVE-2024-9143

IOC - Indicator of Compromise (22)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeAttoreGenereFiducia
118.191.5.0/24Cobalt StrikepredictiveAlto
223.154.177.0/24B1txor20predictiveAlto
338.54.50.0/24ShadowPadpredictiveAlto
4XX.XX.XX.X/XXXxxx XxxxxxpredictiveAlto
5XX.XX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto
6XX.XXX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto
7XX.XXX.XXX.X/XXXxxxxxpredictiveAlto
8XX.XXX.XX.X/XXXxxxxx XxxxxxpredictiveAlto
9XX.XXX.XX.X/XXXxxxxxx XxxxxxpredictiveAlto
10XXX.XX.XXX.X/XXXxxxxpredictiveAlto
11XXX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
12XXX.XX.XX.X/XXXxxxx XxxpredictiveAlto
13XXX.XXX.X.X/XXXxxxxxxxxpredictiveAlto
14XXX.XX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto
15XXX.XXX.XXX.X/XXXxxxxxxpredictiveAlto
16XXX.XXX.XXX.X/XXXxxxx XxxxxxpredictiveAlto
17XXX.XX.XX.X/XXXxxxxxx XxxxxxpredictiveAlto
18XXX.XXX.XXX.X/XXXxxxpredictiveAlto
19XXX.XXX.XXX.X/XXXxxxx XxxxxxxpredictiveAlto
20XXX.XX.XX.X/XXXxxxxpredictiveAlto
21XXX.XX.XXX.X/XXXxxxxxpredictiveAlto
22XXX.XXX.XXX.X/XXXxxxxxx XxxxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClasseVulnerabilitàAccesso al vettoreGenereFiducia
1T1006CAPEC-126CWE-22, CWE-35Path TraversalpredictiveAlto
2T1040CAPEC-102CWE-319Authentication Bypass by Capture-replaypredictiveAlto
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
4T1059CAPEC-137CWE-88, CWE-94, CWE-1321Argument InjectionpredictiveAlto
5T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveAlto
6TXXXXCAPEC-104CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
7TXXXX.XXXCAPEC-16CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveAlto
8TXXXXCAPEC-136CWE-XX, CWE-XX, CWE-XXXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
9TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveAlto
10TXXXXCAPEC-1CWE-XXX, CWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
11TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveAlto
12TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
13TXXXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
14TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
15TXXXX.XXXCAPEC-154CWE-XXXXxxxxxxxxxxxpredictiveAlto
16TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
17TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
18TXXXX.XXXCAPEC-133CWE-XXXXxxxxxxxpredictiveAlto
19TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
20TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveAlto
21TXXXX.XXXCAPEC-112CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveAlto
22TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto
23TXXXXCAPEC-CWE-XXXXxxxxxxxxxx XxxxxxpredictiveAlto

IOA - Indicator of Attack (136)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorGenereFiducia
1File/add_new_purchase.php?action=is_supplierpredictiveAlto
2File/add_new_supplier.phppredictiveAlto
3File/admin.php?page=albumpredictiveAlto
4File/admin.php?page=photopredictiveAlto
5File/admin/categories/manage_category.phppredictiveAlto
6File/admin/contacts/organizations/edit/2predictiveAlto
7File/cgi-bin/ipfedr.cgipredictiveAlto
8File/cgi-bin/mainfunction.cgipredictiveAlto
9File/edit1.phppredictiveMedia
10File/goform/formAdvanceSetuppredictiveAlto
11File/goform/formAdvFirewallpredictiveAlto
12File/goform/formAdvNetworkpredictiveAlto
13File/goform/formDeviceRebootpredictiveAlto
14File/goform/formdumpeasysetuppredictiveAlto
15File/goform/formEasySetPasswordpredictiveAlto
16File/goform/formEasySetTimezonepredictiveAlto
17File/goform/formEasySetupWizardpredictiveAlto
18File/goform/formEasySetupWWConfigpredictiveAlto
19File/goform/formLogDnsquerypredictiveAlto
20File/goform/formResetStatisticpredictiveAlto
21File/goform/formSetDDNSpredictiveAlto
22File/xxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveAlto
23File/xxxxxx/xxxxxxxxxxx_xxxxxxpredictiveAlto
24File/xxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveAlto
25File/xxxxxx/xxxxxxxxxxpredictiveAlto
26File/xxxxxx/xxxxxxxxxxxxxxxxpredictiveAlto
27File/xxxxxx/xxxxxxxxxxxpredictiveAlto
28File/xxxxxx/xxxxxxxxxxxxxxxpredictiveAlto
29File/xxxxxx/xxxxxxxxxxxxxpredictiveAlto
30File/xxxxxx/xxxxxxxxxxpredictiveAlto
31File/xxxxxx/xxxxxxxxxxxxpredictiveAlto
32File/xxxxxx/xxxxxxxxxxxxxxpredictiveAlto
33File/xxxxxx/xxxxxxxxxxxxxxxxxxpredictiveAlto
34File/xxxxxx/xxxxxxxxxxxxxxxpredictiveAlto
35File/xxxxxx/xxxxxxxxxxxxxxpredictiveAlto
36File/xxxxxx/xxxxxxxxxxxxxxxxxxxxxxxpredictiveAlto
37File/xxxxxx/xxxxxxxxxxxxxxxpredictiveAlto
38File/xxxxxx/xxxxxxxxxxxxxpredictiveAlto
39File/xxxxxx/xxxxxxxxxxxxx_xxxxxxpredictiveAlto
40File/xxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveAlto
41File/xxxxxx/xxxxxx_xxx_xxx_xxxxxxxpredictiveAlto
42File/xxxxx.xxxpredictiveMedia
43File/xxxxxxxxxxxx.xxxxpredictiveAlto
44File/xxxxxxxxxx/xxxxxxpredictiveAlto
45File/xxxxxx_xxxxxxx.xxxpredictiveAlto
46File/xxxxxx_xxxxxxxx.xxx?xxxxxx=xxxxxxpredictiveAlto
47File/xxxxxx_xxxxxxxx.xxxpredictiveAlto
48File/xxx/xxx_xxx_xxxxxxxx.xxxpredictiveAlto
49File/xxx/xxxxxx_xxxxxxxx.xxx?xxxxxx=xxxxxxpredictiveAlto
50File/xxx/xxxxxx_xxxxxxxx_xxxxx.xxxpredictiveAlto
51File/xxx/xxxxxx_xxxxxxxx.xxx?xxxxxx=xxxxxx&xxx=xxxxxxx_xxxxxxpredictiveAlto
52File/xxx/xxxxxx_xxxxxxxx.xxx?xxxxxx=xxxxxxpredictiveAlto
53File/xxxxxx/xxxxxxxxx/xxxxx/xxxx.xpredictiveAlto
54File/xxxxxxx/xxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
55File/xxx/xxxx/xxxxxxxpredictiveAlto
56Filexxxxxxx_xxxx_xxxxxxx_xxxxxx_xxx.xpredictiveAlto
57Filexxxxx.xxxpredictiveMedia
58Filexxxxxx-xxxxxxxx.xxxpredictiveAlto
59Filexxxxxxxxxxxxxxxx.xxpredictiveAlto
60FilexxxxpredictiveBasso
61Filexxxxxx.xxxpredictiveMedia
62Filexxxxxxx/xxx/xxxxxxxx/xxxxx/xxxxxxx/xxx-xxxxx.xpredictiveAlto
63Filexxx.xxxxpredictiveMedia
64Filexxxx/xxx/xxxxxxxxx-x/xxxxxxx/xxxxxxxxxxxpredictiveAlto
65Filexxxxxxxxxxxxxxxxxxxxx.xxxpredictiveAlto
66Filexxx_xxxxxx.xxxpredictiveAlto
67Filexxxx.xxxpredictiveMedia
68Filexxxxxx/xxxxxxx/xxxxx.xpredictiveAlto
69Filexxxxxxxxxxxxx.xxxpredictiveAlto
70Filexxxxxxxxxxxx.xxxpredictiveAlto
71Filexxxx.xxxpredictiveMedia
72Filexxxxxxxxx_xxxx.xxxpredictiveAlto
73FilexxxxxxxpredictiveBasso
74Filexxx_xxxxxx.xxxpredictiveAlto
75Filexxxxxx.xxxpredictiveMedia
76Filexxxxxxxxxxx.xxxpredictiveAlto
77Filexxx/xxx/xxx/xxxxx/xxxxx.xxpredictiveAlto
78Filexx.xx.xxpredictiveMedia
79Filexxx_xxxxxx_xxx_xxxx.xxxpredictiveAlto
80Filexxxxx.xxxpredictiveMedia
81Filexxxxx.xxxpredictiveMedia
82Filexx-xxxxxx.xxxpredictiveAlto
83Filexxxxxx/xxxxxx/xxxxxxxxx/xxxxxxxx/xxx/xxx_xxxxxx.xpredictiveAlto
84Libraryxxx/xxxxxxx-xxxxx-xxxx.xpredictiveAlto
85Libraryxxx_xxxxxxxx_xxx.xxpredictiveAlto
86Libraryxxxxxx/xxx/xxxxx/xxxx.xpredictiveAlto
87Argumentxxx-xxxxxpredictiveMedia
88Argumentxxxxx xxxxpredictiveMedia
89Argumentxxxxxx_xxpredictiveMedia
90Argumentxx_xxxxpredictiveBasso
91ArgumentxxxpredictiveBasso
92ArgumentxxxxpredictiveBasso
93Argumentxxxxxx_xxxxxxxxpredictiveAlto
94ArgumentxxxxxxpredictiveBasso
95ArgumentxxxxxpredictiveBasso
96ArgumentxxxxxxxpredictiveBasso
97ArgumentxxxxxxxxxxxpredictiveMedia
98Argumentxxxxxx_xxxxpredictiveMedia
99Argumentxxxxxx_xxxxxpredictiveMedia
100Argumentxxxxxxxxxxxx/xxxxxxxxxxxx/xxxxxxxxxxxxxx/xxxxxxxxxxxxxxpredictiveAlto
101ArgumentxxxxxxxxxxxxxxxxxxxxxxpredictiveAlto
102Argumentxxxxxx/xxxxxpredictiveMedia
103ArgumentxxxxpredictiveBasso
104ArgumentxxpredictiveBasso
105Argumentxxxxxxx_xxxxxxpredictiveAlto
106ArgumentxxxxxxxxxpredictiveMedia
107ArgumentxxxpredictiveBasso
108Argumentxxxx_xxxx_xpredictiveMedia
109ArgumentxxxxxxpredictiveBasso
110Argumentxxxx_xxxxxpredictiveMedia
111Argumentxxxxxxxxxxxxxx/xxxxxxxx/xxxxxxxxpredictiveAlto
112ArgumentxxxxxxxxxxpredictiveMedia
113ArgumentxxxxxxpredictiveBasso
114ArgumentxxxxxpredictiveBasso
115Argumentxxx_xxpredictiveBasso
116ArgumentxxxxpredictiveBasso
117Argumentxxxx/xxxxxxx/xxxxxxx_xxxx/xxxxxxxxx_xxxxpredictiveAlto
118Argumentxxxx_xxxxpredictiveMedia
119ArgumentxxxxxpredictiveBasso
120Argumentxxxxx_xxpredictiveMedia
121Argumentxxxxxxxxxxxx xxxxpredictiveAlto
122ArgumentxxxxxxxxxxxxxxxxxxpredictiveAlto
123ArgumentxxxxxpredictiveBasso
124ArgumentxxxxxxxxxxxxpredictiveMedia
125Argumentxxxxx_xxxxpredictiveMedia
126ArgumentxxxpredictiveBasso
127ArgumentxxxpredictiveBasso
128ArgumentxxxxxxxxxxxxxxxpredictiveAlto
129ArgumentxxxxpredictiveBasso
130ArgumentxxxxpredictiveBasso
131Argumentxxxxxx xxxxpredictiveMedia
132ArgumentxxxxxxxxxxpredictiveMedia
133ArgumentxxxxpredictiveBasso
134ArgumentxxxxxxxxpredictiveMedia
135ArgumentxxxpredictiveBasso
136ArgumentxxxxxxxpredictiveBasso

This view requires CTI permissions

Just purchase a CTI license today!