Specter Analysis

IOB - Indicator of Behavior (85)

Language

en: 86

Country/Region

us: 38
tr: 12
ru: 10
cn: 8
al: 6

Product

Microsoft Windows: 4
Drupal: 4
Cogentdatahub Cogent DataHub: 2
Fortinet FortiMail: 2
H2O: 2

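Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Microsoft Windows cmd.exe Privilege Escalation | 7.3 | 6.6 | $25k-$100k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00000 | |
| 2 | OpenNetAdmin Privilege Escalation | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00857 | CVE-2019-25065 |
| 3 | Fortinet FortiMail Webmail Login Reflected Cross-Site Scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00223 | CVE-2017-7732 |
| 4 | Drupal Session Data Remote Code Execution | 8.1 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.04178 | CVE-2016-3171 |
| 5 | Drupal User Module user_save Privilege Escalation | 8.1 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00472 | CVE-2016-3169 |
| 6 | Joomla CMS LDAP Authentication Weak Authentication | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00999 | CVE-2014-6632 |
| 7 | Redis redis-cli Memory Corruption | 7.1 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | 0.00584 | CVE-2018-12326 |
| 8 | Gwolle Guestbook Plugin ajaxresponse.php Privilege Escalation | 7.2 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.84560 | CVE-2015-8351 |
| 9 | OpenSSH Authentication Username Information Disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.00 | 0.10737 | CVE-2016-6210 |
| 10 | Apache Tomcat Client Connection Race Condition | 3.1 | 3.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00288 | CVE-2021-43980 |
| 11 | Synacor Zimbra Collaboration autoSaveDraft Cross-Site Scripting | 6.2 | 6.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.30586 | CVE-2023-34192 |
| 12 | DD-WRT Web Interface Unknown Vulnerability | 7.5 | 6.9 | $0-$5k | $0-$5k | Unproven | Not Defined | 0.04 | 0.00312 | CVE-2012-6297 |
| 13 | PuTTY Help File Privilege Escalation | 6.5 | 6.3 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2019-9896 |
| 14 | woocommerce-catalog-enquiry Plugin Privilege Escalation | 7.4 | 7.2 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00073 | CVE-2017-18592 |
| 15 | W3 Super Cache Plugin Incomplete Fix CVE-2013-2009 Privilege Escalation | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.01765 | CVE-2013-2011 |
| 16 | SOGo Blacklist Filter Privilege Escalation | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00240 | CVE-2016-6189 |
| 17 | Microsoft Windows Group Policy Privilege Escalation | 7.5 | 7.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00172 | CVE-2020-1317 |
| 18 | Cogentdatahub Cogent DataHub GetPermissions.asp Privilege Escalation | 7.3 | 7.0 | $0-$5k | Calculating | High | Official Fix | 0.02 | 0.32994 | CVE-2014-3789 |
| 19 | Web2py Information Disclosure | 6.4 | 6.2 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.01 | 0.00626 | CVE-2016-4806 |
| 20 | Web2py Password Privilege Escalation | 7.7 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00826 | CVE-2016-10321 |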

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (44)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

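| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /h/autoSaveDraft | predictive | |
| 2 | File | /tmp/.pk11ipc1 | predictive | |
| 3 | File | /var/log/nginx | predictive | |
| 4 | File | /webservices/api/v2.php | predictive | |
| 5 | File | adm-index.php | predictive | |
| 6 | File | base/ErrorHandler.php | predictive | |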

References (2)

The following list contains external sources which discuss the actor and the associated activities:

Samples (1)

The following list contains associated samples:
