DNSBirthday Analysis

IOB - Indicator of Behavior (240)

Language

en: 152
es: 48
de: 20
sv: 8
it: 8

Country/Region

us: 200
ru: 36
io: 2
fr: 2

Product

MantisBT: 4
PHP: 2
Linux Kernel: 2
Netentsec NS-ASG Application Security Gateway: 2
Prometheus Blackbox Exporter: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |
| 2 | Void Contact Form 7 Widget for Elementor Page Builder Plugin void_cf7_opt_in_user_data_track unknown vulnerability | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00062 | CVE-2022-47166 |
| 3 | Facebook WhatsApp/WhatsApp Business/WhatsApp Desktop RTCP Flag Parser information disclosure | 6.3 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00138 | CVE-2021-24043 |
| 4 | Responsive Menus Configuration Setting responsive_menus.module responsive_menus_admin_form_submit cross-site scripting | 3.2 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00073 | CVE-2018-25085 |
| 5 | Cisco IOS/IOS XE/Meraki/NX-OS/Small Business Switch IPv6 RA Guard/ARP Inspection weak authentication | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00062 | CVE-2021-27853 |
| 6 | Linux Kernel FXSAVE x87 Register weak encryption | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00101 | CVE-2006-1056 |
| 7 | SourceCodester Free and Open Source Inventory Management System Add Supplier cross-site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00045 | CVE-2023-46450 |
| 8 | Cisco Common Services Platform Collector Web-based Management Interface cross-site scripting | 5.2 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00136 | CVE-2022-20671 |
| 9 | Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php SQL injection | 5.5 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.02 | 0.00061 | CVE-2023-5681 |
| 10 | Tesla Model 3 Mobile App Phone Key Authentication weak authentication | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00047 | CVE-2022-37709 |
| 11 | Contec FXA3200 Wireless LAN Manager Interface mnt_cmd.cgi privilege escalation | 8.4 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00042 | CVE-2022-36158 |
| 12 | ramank775 Chat Server Access Token Validator this.authProvider.verifyAccessKey weak authentication | 8.2 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00193 | CVE-2022-31013 |
| 13 | Xoops URL Filter index.php Redirect | 6.6 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00062 | CVE-2017-12138 |
| 14 | MGB OpenSource Guestbook email.php SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.81 | 0.01302 | CVE-2007-0354 |
| 15 | Nanning Ontall Longxing Industrial Development Zone Project Construction and Installation Management System login.aspx SQL injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.19 | 0.00063 | CVE-2023-5828 |
| 16 | SourceCodester Free Hospital Management System for Small Practices Parameter doctors.php SQL injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00063 | CVE-2023-5587 |
| 17 | Sangfor Next-Gen Application Firewall HTTP POST Request login.cgi privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.08915 | CVE-2023-30806 |
| 18 | Dienstleistung, Entwicklung & Vertrieb GmbH cashIT Serving Solutions HTTP Endpoint privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.01229 | CVE-2023-3656 |
| 19 | SourceCodester Employee and Visitor Gate Pass Logging System GET Parameter view_designation.php SQL injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.06 | 0.00135 | CVE-2023-2090 |
| 20 | SourceCodester Food Ordering Management System POST Parameter router.php SQL injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00151 | CVE-2022-3332 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

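| ID | IP address | Hostname | Actor | Campaign | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 176.31.106.50 | ns392559.ip-176-31-106.eu | DNSBirthday | | 2021-05-31 | verified | |
| 2 | XXX.XXX.XXX.XX | xxx-xxxx-xxxxxx.xxxxxxxx.xxx | Xxxxxxxxxxx | | 2021-05-31 | verified | |
| 3 | XXX.XXX.XX.XX | | Xxxxxxxxxxx | | 2021-05-31 | verified | |
| 4 | XXX.XXX.XX.XX | | Xxxxxxxxxxx | | 2021-05-31 | verified | |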

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

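| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/list_addr_fwresource_ip.php | predictive | |
| 2 | File | /admin/maintenance/view_designation.php | predictive | |
| 3 | File | /cgi-bin/login.cgi | predictive | |
| 4 | File | /forum/away.php | predictive | |
| 5 | File | /modules/profile/index.php | predictive | |
| 6 | File | /probe?target | predictive | |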

References (2)

The following list contains external sources which discuss the actor and the associated activities:
