Settore Transportationinfo

Timeframe: -14 days

Default Categories (62): Access Management Software, Accounting Software, Advertising Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Automation Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Cloud Software, Communications System, Connectivity Software, Customer Relationship Management System, Database Administration Software, Database Software, Directory Service Software, Document Management Software, Document Reader Software, E-Commerce Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Hardware Driver Software, Information Management Software, Log Management Software, Mail Client Software, Mail Server Software, Middleware, Multimedia Player Software, Network Attached Storage Software, Network Authentication Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Router Operating System, SCADA Software, Server Management Software, Service Management Software, Software Library, Spreadsheet Software, SSH Server Software, Ticket Tracking Software, Transport Management Software, Unified Communication Software, Video Surveillance Software, Virtualization Software, Web Browser, Web Server, Windowing System Software, Wireless LAN Software, Word Processing Software

Sequenza temporale

Fornitore

Prodotto

Linux Kernel110
QNAP QTS22
QNAP QuTS hero22
Mozilla Firefox22
Cisco Catalyst SD-WAN Manager16

Contromisure

Official Fix276
Temporary Fix0
Workaround0
Unavailable0
Not Defined104

Sfruttabilità

High4
Functional0
Proof-of-Concept22
Unproven0
Not Defined354

Accesso al vettore

Not Defined0
Physical6
Local14
Adjacent126
Network234

Autenticazione

Not Defined0
High44
Low198
None138

Interazione dell'utente

Not Defined0
Required94
None286

C3BM Index

CVSSv3 Base

≤10
≤22
≤312
≤438
≤5120
≤696
≤732
≤864
≤910
≤106

CVSSv3 Temp

≤10
≤22
≤312
≤444
≤5118
≤6104
≤738
≤846
≤910
≤106

VulDB

≤10
≤26
≤310
≤460
≤5124
≤680
≤722
≤864
≤98
≤106

NVD

≤1352
≤20
≤30
≤40
≤56
≤612
≤70
≤88
≤90
≤102

CNA

≤1226
≤22
≤310
≤46
≤528
≤620
≤732
≤836
≤916
≤104

Fornitore

≤1380
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Exploiter 0 giorni

<1k50
<2k32
<5k156
<10k40
<25k72
<50k26
<100k4
≥100k0

Exploiter aujourd'hui

<1k178
<2k74
<5k84
<10k36
<25k8
<50k0
<100k0
≥100k0

Sfrutta il volume del mercato

IOB - Indicator of Behavior (1000)

Sequenza temporale

Linguaggio

en840
ja76
fr36
de28
zh6

Nazione

Attori

Attività

Interesse

Sequenza temporale

Genere

Fornitore

Prodotto

QNAP QTS16
QNAP QuTS hero16
Zabbix12
Linux Kernel8
Mozilla Firefox6

Vulnerabilità

#VulnerabilitàBaseTemp0dayOggiSfrConEPSSCTICVE
1code-projects Concert Ticket Ordering System tour(cor).php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000001.79-CVE-2024-11970
2D-Link DIR-605L formSetPortTr buffer overflow8.88.4$25k-$100k$0-$5kProof-of-ConceptNot Defined0.000001.52CVE-2024-11960
3Zabbix API addRelatedObjects sql injection8.18.1$0-$5k$0-$5kNot DefinedNot Defined0.000433.37CVE-2024-42327
4D-Link DIR-605L formResetStatistic buffer overflow8.88.4$25k-$100k$0-$5kProof-of-ConceptNot Defined0.000001.16CVE-2024-11959
5code-projects Simple Car Rental System login.php sql injection7.36.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000002.99CVE-2024-11962
6code-projects Farmacia pagamento.php sql injection7.57.2$0-$5k$0-$5kNot DefinedNot Defined0.000002.47CVE-2024-11968
7Zabbix HttpRequest Format String8.18.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000432.19CVE-2024-42330
8Cradlepoint NetCloud Exchange Client escalazione di privilegi8.38.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.96-CVE-2024-11969
97-Zip Zstandard Decompression buffer overflow6.36.0$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.97CVE-2024-11477
10Linux Kernel bcm_proc_show buffer overflow7.16.8$5k-$25k$5k-$25kNot DefinedOfficial Fix0.000000.86-CVE-2023-52922
11Zabbix Cookie autenticazione debole7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.000000.82CVE-2024-36466
12HAProxy Access Control List escalazione di privilegi5.35.2$0-$5k$0-$5kNot DefinedOfficial Fix0.000440.57CVE-2024-53008
13ProFTPD mod_sql buffer overflow8.07.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.49CVE-2024-48651
14Apache Tomcat ServerAuthContext Component Remote Code Execution7.37.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.000430.37CVE-2024-52316
15LegalWeb Cloud Plugin cross site scripting4.94.9$0-$5k$0-$5kNot DefinedNot Defined0.000000.41CVE-2024-11761
16GNU Emacs elisp-mode.el escalazione di privilegi5.55.5$0-$5k$0-$5kNot DefinedNot Defined0.000450.24CVE-2024-53920
17Wallet for WooCommerce Plugin Privilege Escalation6.46.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.20CVE-2024-7747
18Automation Web Platform Wawp Plugin autenticazione debole8.58.4$0-$5k$0-$5kNot DefinedOfficial Fix0.000000.17CVE-2024-52475
19Zabbix Media Type Export escalazione di privilegi2.72.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.14CVE-2024-36464
20Zabbix email.c rivelazione di un 'informazione2.72.6$0-$5k$0-$5kNot DefinedOfficial Fix0.000430.17CVE-2024-42333

IOC - Indicator of Compromise (22)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

IDIP rangeAttoreGenereFiducia
145.141.215.0/24RedLine StealerpredictiveAlto
254.213.123.0/24DealplypredictiveAlto
365.19.141.0/24CarbanakpredictiveAlto
4XX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
5XX.XX.XXX.X/XXXxxxxxxpredictiveAlto
6XXX.XX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto
7XXX.XXX.XX.X/XXXxxxxpredictiveAlto
8XXX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
9XXX.XXX.XXX.X/XXXxxxxxxpredictiveAlto
10XXX.XXX.XXX.X/XXXxxxxxpredictiveAlto
11XXX.XXX.XX.X/XXXxxxxpredictiveAlto
12XXX.XX.XXX.X/XXXxxxxpredictiveAlto
13XXX.XXX.XXX.X/XXXxxxpredictiveAlto
14XXX.XXX.XXX.X/XXXxxxx XxxxxxxpredictiveAlto
15XXX.XXX.XX.X/XXXxxxxxxxpredictiveAlto
16XXX.XX.XXX.X/XXXxxxxxpredictiveAlto
17XXX.XX.XXX.X/XXXxxxxxxxpredictiveAlto
18XXX.XX.XXX.X/XXXxxxxx XxxxxxpredictiveAlto
19XXX.XXX.XX.X/XXXxxxxpredictiveAlto
20XXX.XXX.XXX.X/XXXxxxxxx XxxxxxxpredictiveAlto
21XXX.XX.XX.X/XXXxxxxpredictiveAlto
22XXX.XXX.XX.X/XXXxxxxxxxxxpredictiveAlto

TTP - Tactics, Techniques, Procedures (20)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClasseVulnerabilitàAccesso al vettoreGenereFiducia
1T1006CAPEC-126CWE-22, CWE-24, CWE-32, CWE-35Path TraversalpredictiveAlto
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveAlto
3T1059CAPEC-137CWE-88, CWE-94, CWE-1321Argument InjectionpredictiveAlto
4T1059.007CAPEC-209CWE-79, CWE-80Basic Cross Site ScriptingpredictiveAlto
5TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
6TXXXX.XXXCAPEC-XXXCWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveAlto
7TXXXXCAPEC-XXXCWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveAlto
8TXXXX.XXXCAPEC-XXXCWE-XXXXxxx XxxxxxxxpredictiveAlto
9TXXXXCWE-XXXXXxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxx Xxxxxxxx Xxxx Xx X Xxxxxxxx XxxxxxpredictiveAlto
10TXXXXCAPEC-XCWE-XXXXxxxxxxxxx XxxxxxpredictiveAlto
11TXXXXCAPEC-XXXCWE-XXXxx XxxxxxxxxpredictiveAlto
12TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveAlto
13TXXXXCAPEC-XXXCWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveAlto
14TXXXXCAPEC-XXCWE-XXX, CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
15TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxxxxxxxpredictiveAlto
16TXXXXCAPEC-XXCWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveAlto
17TXXXX.XXXCAPEC-XXXCWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveAlto
18TXXXXCAPEC-XXXCWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveAlto
19TXXXX.XXXCAPEC-XXXCWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveAlto
20TXXXX.XXXCAPEC-XCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveAlto

IOA - Indicator of Attack (73)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClasseIndicatorGenereFiducia
1File/add.phppredictiveMedia
2File/admin/about-us.phppredictiveAlto
3File/admin/add-customer.phppredictiveAlto
4File/admin/add-services.phppredictiveAlto
5File/admin/edit-services.phppredictiveAlto
6File/admin/search-appointment.phppredictiveAlto
7File/admin/view-appointment.phppredictiveAlto
8File/api/dev-console/proxy/internetpredictiveAlto
9File/Basics/DownloadInpFilepredictiveAlto
10File/xxxx_xxx.xxxpredictiveAlto
11File/xxx/xxxxxxxxxxxxpredictiveAlto
12File/xxxxxx_xxxxxxxx_xxxxxxx.xxxpredictiveAlto
13File/xxxxxx_xxxxxxxx_xxxxxxx.xxxpredictiveAlto
14File/xxxxxx/xxxxxxxxxxxxxxxxxxpredictiveAlto
15File/xxxxxx/xxxxxxxxxxxxxpredictiveAlto
16File/x/xxxxpredictiveBasso
17File/xxxxx.xxxpredictiveMedia
18File/xxxxxx/xxxxxxxx/xxxxxpredictiveAlto
19File/xxxxxxxxxx/xxxxxxxxxxpredictiveAlto
20File/xxxxxxxx.xxxpredictiveAlto
21File/xxxx(xxx).xxxpredictiveAlto
22File/xxxxxx/xxxxxxxxxxpredictiveAlto
23Filexxxxxxx.xpredictiveMedia
24Filexxxxxx/xxxxxxxxxxxx/predictiveAlto
25Filexxxxxxx/xxx/xxxx/xxx-xxxxxx.xpredictiveAlto
26Filexxxxxxx/xxxx/xxxx_xxxx.xpredictiveAlto
27Filexxxxxxx/xxxxx/xxx/xxxx/xxxx_xxx.xpredictiveAlto
28Filexxxxxxx/xxx/xxx-xxx-xxxx.xpredictiveAlto
29Filexxxxxxx/xxxxxxx/xxxxx/xxxxxx/xxxxxx_xx.xpredictiveAlto
30Filexxxxx-xxxx.xxpredictiveAlto
31Filexxxxx.xxxpredictiveMedia
32Filexxxxxx/xxxxxxx/xxxxx.xpredictiveAlto
33Filexxx/xxxx/xxx.xpredictiveAlto
34Filexxx/xxxx/xx_xxxxxx.xpredictiveAlto
35Filexxx/xxxxx/xxxxx.xpredictiveAlto
36Filexxxxxxx/xxxxxxxxxx/xxxxxxx.xxpredictiveAlto
37Filexxxxxxx.xxxpredictiveMedia
38Filexxxxxxxxx.xxxpredictiveAlto
39Filexxxxxx.xxxpredictiveMedia
40Filexxxxxxxxxxxxx.xxxpredictiveAlto
41Filexxxxxxx.xxxpredictiveMedia
42Filexxxxxx.xxxpredictiveMedia
43Libraryxxx/xxxxxxx_xxxxx_xxxxxx.xpredictiveAlto
44Libraryxxx/xxxx_xxxxx.xpredictiveAlto
45Libraryxxx/xxxx/xxxxxxxx/xxxxxxx.xpredictiveAlto
46Libraryxxx/xxxx/xxxxxxxx/xxxxx.xpredictiveAlto
47ArgumentxxxxpredictiveBasso
48ArgumentxxxxxxxpredictiveBasso
49ArgumentxxxxxxxxpredictiveMedia
50Argumentxxxxx/xx_xx/xxxxxx/xxxxx/xxxxx/xxxxxxxxpredictiveAlto
51Argumentxxx_xxx/xxxxx_xxxpredictiveAlto
52ArgumentxxxxxxxxpredictiveMedia
53Argumentxx_xxxpredictiveBasso
54ArgumentxxxpredictiveBasso
55ArgumentxxxxpredictiveBasso
56ArgumentxxxxxxxxxxpredictiveMedia
57ArgumentxxxxpredictiveBasso
58ArgumentxxxxxxxxpredictiveMedia
59ArgumentxxxxxxxxxpredictiveMedia
60ArgumentxxxxxpredictiveBasso
61Argumentxxxx_xxpredictiveBasso
62ArgumentxxxxxxxxpredictiveMedia
63ArgumentxxxxxxxxxxpredictiveMedia
64ArgumentxxxxxxxpredictiveBasso
65ArgumentxxxxxxxxxxxxxxxxxxpredictiveAlto
66ArgumentxxxxxxpredictiveBasso
67ArgumentxxxxxpredictiveBasso
68ArgumentxxxpredictiveBasso
69ArgumentxxxxxxxxpredictiveMedia
70ArgumentxxxxxxxxpredictiveMedia
71ArgumentxxxxxxpredictiveBasso
72ArgumentxxxxpredictiveBasso
73Argumentxxx_xxxxxxxpredictiveMedia

This view requires CTI permissions

Just purchase a CTI license today!