APP84VN Analysis

IOB - Indicator of Behavior (80)

Timeline

Language: en (42), zh (36), de (2)

Country: cn (68), us (12)

Actors, Activities, Effort, Timeline, Type, Vendor (chart panels)

Product: Microsoft Exchange Server (4), Cisco IOS XE (4), Apache Tomcat (4), ZCMS (4), Atlassian JIRA (2)

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | CTI | EPSS | CVE
1 | Netgate pfSense XML File config.xml restore_rrddata privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.45928 | CVE-2023-27253
2 | Tildeslash Monit HTTP Basic Authentication cervlet.c _viewlog Persistent cross site scripting | 5.7 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00187 | CVE-2019-11454
3 | Swagger UI URL information disclosure | 4.3 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00265 | CVE-2018-25031
4 | Google gson writeReplace privilege escalation | 6.6 | 6.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00247 | CVE-2022-25647
5 | Microsoft Windows Print Spooler Service spoolsv.exe RpcAddPrinterDriverEx PrintNightmare privilege escalation | 8.8 | 7.9 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.96685 | CVE-2021-34527
6 | Vobot Clock SSH Server weak authentication | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00659 | CVE-2018-6825
7 | Hgiga MailSherlock cross site scripting | 5.2 | 5.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00068 | CVE-2023-24839
8 | GNUBOARD5 install_db.php sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00155 | CVE-2020-18662
9 | Gin-Vue-Admin File Upload directory traversal | 7.5 | 7.5 | $0-$5k | Calculating | Not Defined | Official Fix | 0.02 | 0.00114 | CVE-2022-39345
10 | pfSense File Name browser.php cross site scripting | 4.8 | 4.7 | $0-$5k | Calculating | Not Defined | Official Fix | 0.02 | 0.00102 | CVE-2022-42247
11 | Microsoft Exchange Server unknown vulnerability | 5.4 | 4.9 | $25k-$100k | $5k-$25k | Proof-of-Concept | Official Fix | 0.02 | 0.00131 | CVE-2021-1730
12 | SalesForce Tableau Server SAML Remote Code Execution | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00222 | CVE-2020-6939
13 | graphql-java GraphQL Query denial of service | 4.3 | 4.0 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00125 | CVE-2022-37734
14 | Apache Tomcat information disclosure | 5.3 | 4.8 | $5k-$25k | Calculating | Proof-of-Concept | Official Fix | 0.00 | 0.00506 | CVE-2007-3385
15 | Apple Safari WebKit memory corruption | 7.5 | 7.4 | $25k-$100k | $0-$5k | High | Official Fix | 0.02 | 0.00368 | CVE-2022-32893
16 | Kubernetes kubelet pprof information disclosure | 7.3 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.55583 | CVE-2019-11248
17 | Camunda Modeler IPC Message writeFile privilege escalation | 7.0 | 7.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.05 | 0.00871 | CVE-2021-28154
18 | Cisco IOS XE Lua Interpreter memory corruption | 6.5 | 6.2 | $25k-$100k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00042 | CVE-2020-3423
19 | beego Route Lookup privilege escalation | 5.5 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00233 | CVE-2021-30080
20 | Cisco IOS XE SD-WAN vDaemon memory corruption | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.01526 | CVE-2021-34727

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 27.102.66.105 | | APP84VN | | 2022-04-20 | verified | High
2 | XX.XXX.XXX.XXX | | Xxxxxxx | | 2022-04-20 | verified | High
3 | XXX.XXX.XX.XXX | | Xxxxxxx | | 2022-04-20 | verified | High
4 | XXX.XXX.XXX.XX | | Xxxxxxx | | 2022-04-20 | verified | High

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (27)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /admin.php?p=/User/index | predictive | High
2 | File | /anony/mjpg.cgi | predictive | High
3 | File | /debug/pprof | predictive | Medium
4 | File | /mgmt/tm/util/bash | predictive | High
5 | File | /xxxxxxx_xxxx.xxx | predictive | High
6 | File | xxxxx/?x=xxxx&x=xxxxx&x=xxxxxxxxxx | predictive | High
7 | File | xxxxxxx.xxx | predictive | Medium
8 | File | xxxxxx.xxx | predictive | Medium
9 | File | xxxxx/ | predictive | Low
10 | File | xxxx/xxxxxxx.x | predictive | High
11 | File | xxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxx | predictive | High
12 | File | xxxxxxx_xx.xxx | predictive | High
13 | File | xxx/xxx_xxxxx/xx_xxxxx.x | predictive | High
14 | File | xxxxxxx/xxxxxxx/xxx/xxxxxxxxxx.xxx?xxxxxxxx=xxxx&xxxxxx=xxxxxxxxxx | predictive | High
15 | File | xxxxx_xxxxx.xxx | predictive | High
16 | File | xxxxx.x | predictive | Low
17 | File | xxxxxxx.xxx | predictive | Medium
18 | File | xxxx/xxx.xxx?xx=xxxxxx | predictive | High
19 | File | xx-xxxxxxxx/xxxxx-xx-xxxxx.xxx | predictive | High
20 | Argument | -x | predictive | Low
21 | Argument | xxx | predictive | Low
22 | Argument | xxxxxxxxxxxxxxx | predictive | High
23 | Argument | xxx | predictive | Low
24 | Argument | xxxxx_xxxxxx | predictive | Medium
25 | Argument | xxxx | predictive | Low
26 | Input Value | xxxxxx | predictive | Low
27 | Network Port | xxx xxxxxx xxxx | predictive | High

References (2)

The following list contains external sources which discuss the actor and the associated activities:
