Monarchy Analysis

IOB - Indicator of Behavior (43)

[Charts: Timeline, Actor, Activities, Interest, Type, Vendor]

Language

ru: 26
en: 14
fr: 4

Country/Region

ru: 42
us: 2

Product

Google Chrome: 14
OTCMS: 4
Keycloak: 2
Google Android: 2
D-Link Go-RT-AC750: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Fluent Fluentd/Fluent-ui weak authentication | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00081 | 0.04 | CVE-2020-21514 |
| 2 | SourceCodester E-Commerce System setDiscount.php SQL injection | 6.6 | 6.5 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00171 | 0.08 | CVE-2023-1505 |
| 3 | Zoom Client for IT race condition | 7.6 | 7.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.03 | CVE-2023-22883 |
| 4 | Google Chrome Browser History memory corruption | 5.5 | 5.3 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00319 | 0.04 | CVE-2023-1820 |
| 5 | Google Chrome WebShare Remote Code Execution | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00227 | 0.04 | CVE-2023-1821 |
| 6 | D-Link Go-RT-AC750 soapcgi.main privilege escalation | 7.6 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00725 | 0.04 | CVE-2023-26822 |
| 7 | Convert To Pipeline Plugin Freestyle Project Configuration privilege escalation | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00177 | 0.00 | CVE-2023-28677 |
| 8 | Keycloak weak authentication | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00065 | 0.04 | CVE-2023-0264 |
| 9 | WellinTech KingHistorian Network Packet SORBAx64.dll Remote Code Execution | 8.7 | 8.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00190 | 0.00 | CVE-2022-43663 |
| 10 | Adobe Animate memory corruption | 7.0 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.06677 | 0.02 | CVE-2023-22243 |
| 11 | unpoly-rails Gem Header denial of service | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00282 | 0.02 | CVE-2023-28846 |
| 12 | Twitter Recommendation Algorithm denial of service | 5.3 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00113 | 0.02 | CVE-2023-29218 |
| 13 | OTCMS apiRun.php AutoRun cross-site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00070 | 0.04 | CVE-2023-1635 |
| 14 | OTCMS privilege escalation | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00134 | 0.04 | CVE-2023-1797 |
| 15 | Huawei EMUI/HarmonyOS WLAN Module privilege escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00221 | 0.00 | CVE-2022-39009 |
| 16 | TP-Link AX1800 Firmware Parser memory corruption | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00065 | 0.00 | CVE-2023-27346 |
| 17 | NoMachine privilege escalation | 6.8 | 6.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00048 | 0.03 | CVE-2022-34043 |
| 18 | sjqzhang go-fastdfs File Upload uploa upload Remote Code Execution | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00197 | 0.13 | CVE-2023-1800 |
| 19 | Google Chrome FedCM Privilege Escalation | 5.5 | 5.3 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00293 | 0.05 | CVE-2023-1823 |
| 20 | Google Chrome Intents Remote Code Execution | 6.3 | 6.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00293 | 0.00 | CVE-2023-1817 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

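| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 45.76.47.218 | 45.76.47.218.vultr.com | Monarchy | | 2021-07-22 | verified | |
| 2 | XXX.XXX.XX.XXX | | Xxxxxxxx | | 2021-07-22 | verified | |
| 3 | XXX.XXX.XXX.XXX | xxxxxxxxxxxxxxxxx-xxxxxxx.xxxxxx.xx | Xxxxxxxx | | 2021-07-22 | verified | |
| 4 | XXX.XXX.XXX.XXX | | Xxxxxxxx | | 2021-07-22 | verified | |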

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

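| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /ecommerce/admin/settings/setDiscount.php | predictive | |
| 2 | File | /group1/uploa | predictive | |
| 3 | File | apiRun.php | predictive | |
| 4 | File | xxxxxxxxxxxxxxxxxxxxxxxx.xxxx | predictive | |
| 5 | File | xxxxxxx.xxxx | predictive | |
| 6 | File | xxxxxxxxxxxx.xxx?xxxx=xxx | predictive | |
| 7 | Library | xxxxxxxx.xxx | predictive | |
| 8 | Argument | xx | predictive | |
| 9 | Argument | xxxx | predictive | |
| 10 | Argument | xx | predictive | |
| 11 | Argument | xxxxxxx | predictive | |
| 12 | Argument | xxx | predictive | |
| 13 | Argument | x-xx-xxxxxxxx | predictive | |
| 14 | Input Value | xxxxxx xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) | predictive | |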

References (2)

The following list contains external sources which discuss the actor and the associated activities:
