TokyoX Analysis

IOB - Indicator of Behavior (16)

Language

en: 12
zh: 2
fr: 2

Country/Region

us: 10
ru: 2
pl: 2

Product

WordPress: 6
PHP: 2
phpMyAdmin: 2
WP Database Backup Plugin: 2
Plone: 2

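Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | ClipperCMS index.php privilege escalation | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00252 | CVE-2022-41497 |
| 2 | WP Database Backup Plugin Setting cross-site scripting | 3.6 | 3.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00053 | CVE-2022-2271 |
| 3 | Tableau Password privilege escalation | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00080 | CVE-2022-22127 |
| 4 | Alt-N MDaemon Worldclient privilege escalation | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00090 | CVE-2021-27182 |
| 5 | Intel Baseboard Management Controller memory corruption | 7.4 | 7.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00 | 0.00110 | CVE-2019-11182 |
| 6 | Intel Baseboard Management Controller privilege escalation | 8.5 | 8.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00290 | CVE-2018-12171 |
| 7 | Microsoft Outlook Express InetComm.dll MimeOleClearDirtyTree denial of service | 5.3 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.02596 | CVE-2008-5424 |
| 8 | phpMyAdmin PMA_safeUnserialize privilege escalation | 9.8 | 9.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00433 | CVE-2016-9865 |
| 9 | phpMyAdmin Username SQL injection | 7.5 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00326 | CVE-2016-9864 |
| 10 | WordPress Media Attachment media-upload.php privilege escalation | 5.4 | 5.2 | $5k-$25k | Calculating | Not Defined | Official Fix | 0.03 | 0.00157 | CVE-2012-6634 |
| 11 | WordPress press-this.php Security Bypass privilege escalation | 4.3 | 3.8 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | 0.00093 | CVE-2011-5270 |
| 12 | PHP PCRE memory corruption | 7.3 | 7.0 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00000 | |
| 13 | WordPress information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00358 | CVE-2013-2202 |
| 14 | Plone Session BrowserIdManager.py Reflected cross-site scripting | 6.2 | 5.6 | $0-$5k | Calculating | Proof-of-Concept | Official Fix | 0.00 | 0.00292 | CVE-2013-7062 |
| 15 | PunBB admin_options.php unknown vulnerability | 4.2 | 4.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00841 | CVE-2006-4759 |
| 16 | lighttpd request.c http_request_split_value denial of service | 7.5 | 6.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.74523 | CVE-2012-5533 |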

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 31.192.107.187 | | TokyoX | | 2022-03-22 | verified | |

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerability | Access vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | |
| 2 | TXXXX.XXX | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | |
| 3 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | |
| 4 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | |
| 5 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | |

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

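| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /manager/index.php | predictive | |
| 2 | File | admin_options.php | predictive | |
| 3 | File | xxxxxxxxxxxxxxxx.xx | predictive | |
| 4 | File | xxxxx-xxxx.xxx | predictive | |
| 5 | File | xxx/xxxxxxx.x | predictive | |
| 6 | File | xx-xxxxx/xxxxx-xxxxxx.xxx | predictive | |
| 7 | Library | xxxxxxxx.xxx | predictive | |
| 8 | Argument | xxxxxxx_xxx | predictive | |
| 9 | Argument | xxxxxxx_xx_xxxxxxx | predictive | |
| 10 | Argument | xxx_xxx | predictive | |
| 11 | Argument | xxxx_xx | predictive | |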

References (2)

The following list contains external sources which discuss the actor and the associated activities:
