Cryptbot 解析

IOB - Indicator of Behavior (15)

タイムライン

言語

en16

国・地域

de10
us2
jp2

アクター

アクティビティ

関心

タイムライン

タイプ

ベンダー

製品

perfSONAR2
TOTOLINK A800R2
TOTOLINK A810R2
TOTOLINK A830R2
TOTOLINK A950RG2

脆弱性

#脆弱性BaseTemp0day本日修復CTIEPSSCVE
1perfSONAR file URL Privilege Escalation7.67.5$0-$5k$0-$5kNot DefinedOfficial Fix0.000.00075CVE-2022-45213
2La-souris-verte Com Svmap index.php ディレクトリトラバーサル5.35.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.01334CVE-2010-1308
3OpenX adclick.php Redirect5.34.7$0-$5k$0-$5kUnprovenUnavailable0.450.00440CVE-2014-2230
4Goahead Software Webserver HTTP Request aux サービス拒否5.34.9$0-$5k$0-$5kProof-of-ConceptWorkaround0.000.06949CVE-2001-0385
5Facebook WhatsApp Video Call メモリ破損8.07.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00393CVE-2022-36934
6SourceCodester Simple Parking Management System クロスサイトスクリプティング3.93.8$0-$5k$0-$5kProof-of-ConceptNot Defined0.020.00054CVE-2022-2363
7Snipe-IT Update Branding Settings 特権昇格5.25.2$0-$5k$0-$5kNot DefinedNot Defined0.000.00054CVE-2022-32060
8TOTOLINK EX300 MQTT Data Packet setLanguageCfg 特権昇格7.67.5$0-$5k$0-$5kNot DefinedNot Defined0.000.17797CVE-2022-32449
9IBM Security Access Manager Appliance 弱い暗号化5.75.7$5k-$25k$0-$5kNot DefinedOfficial Fix0.000.00106CVE-2022-22464
10Apache Commons Configuration Variable Interpolation Privilege Escalation8.07.9$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.34543CVE-2022-33980
11TOTOLINK A800R/A810R/A830R/A950RG/A3000RU/A3100R 特権昇格6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.000.00706CVE-2022-28935
12Huawei ACXXXX/SXXXX SSH Packet 特権昇格7.57.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.020.00246CVE-2014-8572
13libvirt libxl Driver サービス拒否3.53.5$0-$5k$0-$5kNot DefinedNot Defined0.000.00044CVE-2021-4147
14Zabbix SAML 弱い認証8.28.2$0-$5k$0-$5kNot DefinedNot Defined0.020.97186CVE-2022-23131
15VMware Spring Framework 特権昇格4.54.5$5k-$25k$0-$5kNot DefinedNot Defined0.000.00079CVE-2021-22096

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique脆弱性アクセスベクタータイプ信頼度
1T1006CWE-22Path Traversalpredictive
2T1059.007CWE-79Cross Site Scriptingpredictive
3TXXXXCWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxxpredictive
4TXXXX.XXXCWE-XXXXxxx Xxxxxxxxpredictive
5TXXXXCWE-XXXXxxxxxxxxxxxx Xxxxxxpredictive
6TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (9)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1File/auxpredictive
2File/ci_spms/admin/search/searching/predictive
3Filexxxxxxx.xxxpredictive
4Filexxxxx.xxxpredictive
5Argumentxxxxxxxxxxpredictive
6Argumentxxxxpredictive
7Argumentxxxxxxxxpredictive
8Argumentxxxxxxpredictive
9Input Value"><xxxxxx>xxxxx("xxx")</xxxxxx>predictive

参考 (3)

The following list contains external sources which discuss the actor and the associated activities:

Interested in the pricing of exploits?

See the underground prices here!