UAC-0051 Analysis

IOB - Indicator of Behavior (165)

Language

en: 122
es: 14
zh: 12
de: 4
it: 4

Country/Region

cn: 20
es: 14
de: 4
it: 4
fr: 4

Product

MyBB: 4
WordPress: 4
Courseforum ProjectForum: 2
Benjamin Lefevre Dobermann Forum: 2
DedeCMS: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Softbiz FAQ Script add_comment.php SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01302 | 0.02 | CVE-2005-3938 |
| 2 | Joels Bulletin Board newtopic.php SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.06 | |
| 3 | Michael Barretto Cardboard privilege escalation | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00889 | 0.00 | CVE-2001-1584 |
| 4 | WoltLab Burning Board Lite search.php SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00264 | 0.00 | CVE-2007-6518 |
| 5 | Forumer / IPB Board Show Topic index.php SQL injection | 7.3 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.04 | |
| 6 | MyBB moderation.php unknown vulnerability | 6.3 | 6.1 | $5k-$25k | $0-$5k | High | Unavailable | 0.00214 | 0.00 | CVE-2008-7082 |
| 7 | Toms-seiten.at Toms Gästebuch header.php cross-site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00409 | 0.00 | CVE-2007-4896 |
| 8 | Dreaxteam Xt-News add_comment.php cross-site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00599 | 0.07 | CVE-2006-6746 |
| 9 | Cisco Prime Network Registrar cross-site scripting | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00135 | 0.00 | CVE-2013-3394 |
| 10 | EMC Document Sciences xPression Dashboard directory traversal | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00155 | 0.00 | CVE-2013-6177 |
| 11 | MyBB reputation.php SQL injection | 7.3 | 7.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00620 | 0.00 | CVE-2005-1833 |
| 12 | WordPress Comment Status options-discussion.php unknown vulnerability | 4.3 | 4.1 | $5k-$25k | $0-$5k | High | Official Fix | 0.00112 | 0.00 | CVE-2013-7233 |
| 13 | WordPress options-discussion.php denial of service | 5.3 | 5.1 | $5k-$25k | $0-$5k | High | Official Fix | 0.00000 | 0.00 | |
| 14 | W2b phpAdBoard File Upload index.php privilege escalation | 7.3 | 6.7 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.09236 | 0.00 | CVE-2008-6921 |
| 15 | Flat PHP Board directory traversal | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.01 | |
| 16 | 1Two Livre d Or guestbook.php cross-site scripting | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00457 | 0.00 | CVE-2005-1644 |
| 17 | Microsoft Windows Remote Desktop Web Access cross-site scripting | 5.0 | 4.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.84112 | 0.00 | CVE-2011-1263 |
| 18 | Tableau Server Log File information disclosure | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00149 | 0.00 | CVE-2020-6938 |
| 19 | ONLYOFFICE Document Server JWT upload directory traversal | 8.0 | 7.2 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.02823 | 0.02 | CVE-2021-3199 |
| 20 | DedeCMS article_coonepage_rule.php SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00207 | 0.04 | CVE-2022-23337 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 185.175.158.27 | | UAC-0051 | | 2022-07-21 | verified | |

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (68)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

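| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /cgi-bin/portal | predictive | |
| 2 | File | /index.php | predictive | |
| 3 | File | /iwguestbook/admin/badwords_edit.asp | predictive | |
| 4 | File | /upload | predictive | |
| 5 | File | /_next | predictive | |
| 6 | File | add.php | predictive | |
| 7 | File | add_comment.php | predictive | |
| 8 | File | admin/admin.php | predictive | |
| 9 | File | admin/adminsignin.html | predictive | |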

References (2)

The following list contains external sources which discuss the actor and the associated activities:
