Tick 解析

IOB - Indicator of Behavior (36)

タイムライン

言語

en30
zh6

国・地域

cn18
us16
kr2

アクター

アクティビティ

関心

タイムライン

タイプ

ベンダー

製品

FLDS2
PHPWind2
Minecraft Servers List2
Nodebb2
Kyocera ECOSYS M5526cdw2

脆弱性

#脆弱性BaseTemp0day本日修復CTIEPSSCVE
1Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash 情報の漏洩5.35.2$5k-$25k$0-$5kHighWorkaround0.020.02016CVE-2007-1192
2Canon MF210/MF220 System Manager Mode login.html 弱い認証8.58.1$0-$5k$0-$5kProof-of-ConceptNot Defined0.000.01367CVE-2018-11711
3WP Contacts Manager Plugin SQLインジェクション6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.000.00172CVE-2022-1014
4NodeBB abort 未知の脆弱性4.34.2$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00083CVE-2022-3978
5Nodebb JSON File ディレクトリトラバーサル4.64.5$0-$5k計算中Not DefinedOfficial Fix0.030.00104CVE-2021-43788
6TerraMaster TOS Parameter exportUser.php 特権昇格9.38.9$0-$5k計算中Not DefinedOfficial Fix0.040.96623CVE-2020-15568
7Plex Media Server Camera Upload 特権昇格7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.050.01114CVE-2019-19141
8Kyocera ECOSYS M5526cdw Web Application メモリ破損7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.020.00096CVE-2019-13206
9Synacor Zimbra Collaboration XML External Entity8.58.2$0-$5k$0-$5kNot DefinedOfficial Fix0.020.00441CVE-2016-9924
10Fortinet FortiOS SSL VPN Web Portal メモリ破損5.45.3$0-$5k$0-$5kNot DefinedOfficial Fix0.030.00817CVE-2018-13383
11Microsoft IIS クロスサイトスクリプティング5.24.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.020.00548CVE-2017-0055
12Discuz! DiscuzX Attachment 特権昇格7.57.5$0-$5k$0-$5kNot DefinedNot Defined0.040.00183CVE-2018-5259
13Discuz! admin.php クロスサイトスクリプティング3.63.6$0-$5k$0-$5kNot DefinedNot Defined0.020.00054CVE-2018-19464
14Microsoft SQL Server SQL Master Data Services サービス拒否6.36.0$5k-$25k$0-$5kNot DefinedOfficial Fix0.030.00472CVE-2014-4061
15vBulletin redirector.php Redirect6.66.6$0-$5k$0-$5kNot DefinedNot Defined0.220.00141CVE-2018-6200
16LogicBoard CMS away.php Redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable3.670.00000
17FLDS redir.php SQLインジェクション7.37.3$0-$5k$0-$5kHighUnavailable0.080.00203CVE-2008-5928
18PHPWind goto.php Redirect6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.080.00348CVE-2015-4134
19MGB OpenSource Guestbook email.php SQLインジェクション7.37.3$0-$5k$0-$5kHighUnavailable0.530.01302CVE-2007-0354
20esoftpro Online Guestbook Pro ogp_show.php SQLインジェクション7.37.1$0-$5k$0-$5kHighUnavailable0.050.00135CVE-2010-4996

IOC - Indicator of Compromise (16)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechnique脆弱性アクセスベクタータイプ信頼度
1T1006CWE-22Path Traversalpredictive
2T1059CWE-94Argument Injectionpredictive
3TXXXX.XXXCWE-XXXxxxx Xxxx Xxxxxxxxxpredictive
4TXXXXCWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxxpredictive
5TXXXX.XXXCWE-XXXXxxx Xxxxxxxxpredictive
6TXXXXCWE-XXXxx Xxxxxxxxxpredictive
7TXXXXCWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxxpredictive
8TXXXX.XXXCWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxxpredictive

IOA - Indicator of Attack (23)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDクラスIndicatorタイプ信頼度
1File/forum/away.phppredictive
2File/login.htmlpredictive
3File/register/abortpredictive
4File/uncpath/predictive
5Filexxxxx.xxxpredictive
6Filexxxx/xxxxxxxxxxxxxxx.xxxpredictive
7Filexxxxx.xxxpredictive
8Filexxxx.xxxpredictive
9Filexxxxxxxxxxxxxxxxx.xxxxpredictive
10Filexxxxxxx/xxxxxxxxxx.xxxpredictive
11Filexxxxxxx.xxxpredictive
12Filexxxxxxxxx/predictive
13Filexxx_xxxx.xxxpredictive
14Filexxxxx.xxxpredictive
15Filexxxxxxxxxx.xxxpredictive
16Filexxxxxx_xxxx.xxxpredictive
17Argumentxxxpredictive
18Argumentxxxxxxxx_xxxxxx/xxxxxxxx_xxxx/xxxxxxxx_xxxxxxxx/xxxxxxxx_xxxxpredictive
19Argumentxxxxpredictive
20Argumentxxpredictive
21Argumentxxxxxxpredictive
22Argumentxxxxxxxxpredictive
23Argumentxxxpredictive

参考 (5)

The following list contains external sources which discuss the actor and the associated activities:

Do you need the next level of professionalism?

Upgrade your account now!