BadPatch Analiza

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (30)

Język

en	26
fr	4

Kraj

us	8
fr	2
ru	2

Aktorzy

BadPatch	1
Mozi	1

Wysiłek

Rodzaj

Not Defined	8
Photo Gallery Software	2

Sprzedawca

Saskia Bruckner	2
POS	2
yiisoft	2
Not Defined	2
ElkaGroup	2

Produkt

Saskia Bruckner Saskias Shopsystem	2
POS Codekop	2
yiisoft yii	2
AjPortal2Php	2
ElkaGroup Image Gallery	2

Luki w zabezpieczeniach

#	Słaby punkt	Base	Temp	0day	Dzisiaj	Wyk	Prz	EPSS	CTI	CVE
1	Netgear DGN1000B setup.cgi privilege escalation	9.8	9.3	$25k-$100k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.00
2	yiisoft yii unserialize privilege escalation	7.8	7.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00378	0.04	CVE-2023-47130
3	POS Codekop print.php cross site scripting	4.8	4.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00096	0.02	CVE-2023-36346
4	Saskia Bruckner Saskias Shopsystem content.php directory traversal	7.3	7.1	$0-$5k	$0-$5k	High	Unavailable	0.00445	0.02	CVE-2010-0957
5	ElkaGroup Image Gallery view.php sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00125	0.00	CVE-2008-5037
6	ampleShop category.cfm sql injection	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Unavailable	0.00621	0.02	CVE-2006-2038
7	Apache HTTP Server mod_proxy_fcgi.c handle_headers memory corruption	5.3	5.1	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.00953	0.04	CVE-2014-3583
8	Infiray IRAY-A8Z3 Web Application set_param.cgi weak authentication	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00201	0.00	CVE-2022-31210
9	AjPortal2Php pages.inc.php Remote Code Execution	7.3	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.43742	0.00	CVE-2007-2142

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	adres IP	Hostname	Aktor	Identified	Rodzaj	Pewność siebie
1	6.43.51.17		Badpatch	2019-10-23	verified	Wysoki
2	XXX.XXX.XXX.XXX	xxxxxx.xxxxxx.xx	Xxxxxxxx	2020-12-23	verified	Wysoki
3	XXX.XXX.XXX.XX	xxx-xxx-xxx-xx.xxx.xxxxxxxxxxxx.xx	Xxxxxxxx	2020-12-23	verified	Wysoki

TTP - Tactics, Techniques, Procedures (5)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Luki w zabezpieczeniach	Wektor dostępu	Rodzaj	Pewność siebie
1	T1006	CWE-22	Path Traversal	predictive	Wysoki
2	TXXXX.XXX	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Wysoki
3	TXXXX	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Wysoki
4	TXXXX.XXX	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Wysoki
5	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	Wysoki

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klasa	Indicator	Rodzaj	Pewność siebie
1	File	/usr/local/sbin/webproject/set_param.cgi	predictive	Wysoki
2	File	category.cfm	predictive	Medium
3	File	xxxxxxx.xxx	predictive	Medium
4	File	xxxxxxxx/xxxxx.xxx.xxx	predictive	Wysoki
5	File	xxx_xxxxx_xxxx.x	predictive	Wysoki
6	File	xxxxx.xxx	predictive	Medium
7	File	xxxxx.xxx	predictive	Medium
8	File	xxxx.xxx	predictive	Medium
9	Argument	xxx	predictive	Niski
10	Argument	xxx	predictive	Niski
11	Argument	xx	predictive	Niski
12	Argument	xx_xxxxxx	predictive	Medium
13	Argument	xxxxxxxxxx	predictive	Medium
14	Argument	xxxxxxxxxx	predictive	Medium

Referencje (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ PoprzedniPrzeglądKolejny ▸

Might our Artificial Intelligence support you?

Check our Alexa App!