KeyBoy Analysis

IOB - Indicator of Behavior (1000)

Language
en 996
zh 4

Country / Region
us 994
hk 6

Product
SourceCodester E-Commerce System 4
TRENDnet TEW-811DRU 4
SourceCodester Alphaware Simple E-Commerce System 2
Orchard CMS 2
TRENDnet TEW-652BRP 2

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE
1 | TRENDnet TEW-652BRP Web Management Interface get_set.ccp privilege escalation | 8.8 | 8.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00076 | CVE-2023-0611
2 | TRENDNet TEW-811DRU httpd guestnetwork.asp memory corruption | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00060 | CVE-2023-0617
3 | TRENDnet TEW-652BRP Web Service cfg_op.ccp memory corruption | 7.5 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00097 | CVE-2023-0618
4 | TRENDnet TEW-652BRP Web Interface ping.ccp privilege escalation | 8.1 | 7.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.07 | 0.01049 | CVE-2023-0640
5 | TRENDnet TEW-811DRU Web Management Interface wan.asp memory corruption | 6.5 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00133 | CVE-2023-0637
6 | TRENDnet TEW-811DRU httpd security.asp memory corruption | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.09 | 0.00137 | CVE-2023-0613
7 | Netgear WNDR3700v2 Web Interface denial of service | 4.3 | 4.2 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.05 | 0.00135 | CVE-2023-0850
8 | TP-Link Archer C50 Web Management Interface denial of service | 6.5 | 6.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00074 | CVE-2023-0936
9 | SourceCodester E-Commerce System cross site scripting | 4.1 | 4.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00052 | CVE-2023-1569
10 | SourceCodester Alphaware Simple E-Commerce System sql injection | 7.0 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00152 | CVE-2023-1504
11 | Ubiquiti EdgeRouter X OSPF privilege escalation [Disputed] | 8.1 | 7.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00651 | CVE-2023-1458
12 | SourceCodester E-Commerce System setDiscount.php sql injection | 6.6 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00152 | CVE-2023-1505
13 | SourceCodester Alphaware Simple E-Commerce System edit_customer.php sql injection | 7.0 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00152 | CVE-2023-1502
14 | SourceCodester Alphaware Simple E-Commerce System admin_index.php sql injection | 7.0 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00152 | CVE-2023-1503
15 | Orchard CMS HTML Modal Dialog cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00051 | CVE-2022-32173
16 | PHPEMS Session Data session.cls.php privilege escalation | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00542 | CVE-2023-6654
17 | Tenda G1/G3 formSetDMZ privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00152 | CVE-2022-24167

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP Address | Hostname | Actor | Campaign | Identified | Type | Confidence
1 | 45.125.12.147 | spk.cloudie.hk | KeyBoy | | 2022-03-27 | | verified
2 | XXX.XX.XXX.XXX | Xxxxxx | | | 2022-03-27 | | verified
3 | XXX.XXX.XXX.XXX | Xxxxxx | | | 2022-03-27 | | verified
4 | XXX.XXX.XXX.XXX | xxxxx | | | 2022-03-27 | | verified

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerability | Access Vector | Type | Confidence
1 | T1059.007 | CWE-79 | | Cross Site Scripting | predictive
2 | TXXXX | CWE-XXX | | xxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive
3 | TXXXX | CWE-XXX | | xx Xxxxxxxxx | predictive

IOA - Indicator of Attack (24)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /ecommerce/admin/settings/setDiscount.php | | predictive
2 | File | /wireless/guestnetwork.asp | | predictive
3 | File | /wireless/security.asp | | predictive
4 | File | xxxxx/xxxxx_xxxxx.xxx | | predictive
5 | File | xxxxx/xxxx/xxxxxxxxxx.xxx?xxxxxx=xxxx | | predictive
6 | File | xxx_xx.xxx | | predictive
7 | File | xxxxxxxx/xxxx_xxxxxxxx.xxx | | predictive
8 | File | xxx_xxx.xxx | | predictive
9 | File | xxxx.xxx | | predictive
10 | File | xxx.xxx | | predictive
11 | Library | xxx/xxxxxxx.xxx.xxx | | predictive
12 | Argument | xxxx | | predictive
13 | Argument | xxxxxx_xxx_xx | | predictive
14 | Argument | xxxxxxxx | | predictive
15 | Argument | xxxxx/xxxxxxxx | | predictive
16 | Argument | xxxxxxxxx/xx/xxxxxxxx | | predictive
17 | Argument | xx | | predictive
18 | Argument | xxxxxxxx/xxxxxxxx | | predictive
19 | Argument | x_xxxx | | predictive
20 | Input Value | xxxxxx xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) | | predictive
21 | Input Value | <xxxxxx>xxxxx('x')</xxxxxx> | | predictive
22 | Input Value | x' xxxxx xxxxx(x) xxx 'xxxx'='xxxx | | predictive
23 | Input Value | xxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx)-- xxxx | | predictive
24 | Input Value | xxxxx%xxxxxx.xxx ' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx | | predictive

References (2)

The following list contains external sources which discuss the actor and the associated activities:
