DNSBirthday Analysis

IOB - Indicator of Behavior (240)

Language

en: 148
es: 54
de: 20
it: 8
fr: 6

Country

us: 200
ru: 38
io: 2

Product

SAP Network Interface Router: 2
Projectworlds Hospital Management System: 2
Cisco IOS: 2
Cisco IOS XE: 2
Cisco Meraki: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02016 | 0.02 | CVE-2007-1192 |
| 2 | Void Contact Form 7 Widget for Elementor Page Builder Plugin void_cf7_opt_in_user_data_track cross site request forgery | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00063 | 0.00 | CVE-2022-47166 |
| 3 | Facebook WhatsApp/WhatsApp Business/WhatsApp Desktop RTCP Flag Parser information disclosure | 6.3 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00138 | 0.02 | CVE-2021-24043 |
| 4 | Responsive Menus Configuration Setting responsive_menus.module responsive_menus_admin_form_submit cross site scripting | 3.2 | 3.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00073 | 0.04 | CVE-2018-25085 |
| 5 | Cisco IOS/IOS XE/Meraki/NX-OS/Small Business Switch IPv6 RA Guard/ARP Inspection weak authentication | 5.5 | 5.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00062 | 0.02 | CVE-2021-27853 |
| 6 | Linux Kernel FXSAVE x87 Register weak encryption | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00101 | 0.05 | CVE-2006-1056 |
| 7 | SourceCodester Free and Open Source Inventory Management System Add Supplier cross site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00045 | 0.02 | CVE-2023-46450 |
| 8 | Cisco Common Services Platform Collector Web-based Management Interface cross site scripting | 5.2 | 5.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00136 | 0.00 | CVE-2022-20671 |
| 9 | Netentsec NS-ASG Application Security Gateway list_addr_fwresource_ip.php sql injection | 5.5 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00061 | 0.04 | CVE-2023-5681 |
| 10 | Tesla Model 3 Mobile App Phone Key Authentication weak authentication | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00047 | 0.07 | CVE-2022-37709 |
| 11 | Contec FXA3200 Wireless LAN Manager Interface mnt_cmd.cgi privilege escalation | 8.4 | 8.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00048 | 0.00 | CVE-2022-36158 |
| 12 | ramank775 Chat Server Access Token Validator this.authProvider.verifyAccessKey weak authentication | 8.2 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00193 | 0.00 | CVE-2022-31013 |
| 13 | Xoops URL Filter index.php Redirect | 6.6 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00062 | 0.04 | CVE-2017-12138 |
| 14 | MGB OpenSource Guestbook email.php sql injection | 7.3 | 7.3 | $0-$5k | $0-$5k | High | Unavailable | 0.01302 | 1.07 | CVE-2007-0354 |
| 15 | Nanning Ontall Longxing Industrial Development Zone Project Construction and Installation Management System login.aspx sql injection | 8.1 | 7.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00063 | 0.07 | CVE-2023-5828 |
| 16 | SourceCodester Free Hospital Management System for Small Practices Parameter doctors.php sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00063 | 0.00 | CVE-2023-5587 |
| 17 | Sangfor Next-Gen Application Firewall HTTP POST Request login.cgi privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08915 | 0.02 | CVE-2023-30806 |
| 18 | Dienstleistung, Entwicklung & Vertrieb GmbH cashIT Serving Solutions HTTP Endpoint privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01229 | 0.00 | CVE-2023-3656 |
| 19 | SourceCodester Employee and Visitor Gate Pass Logging System GET Parameter view_designation.php sql injection | 7.1 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00220 | 0.00 | CVE-2023-2090 |
| 20 | SourceCodester Food Ordering Management System POST Parameter router.php sql injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00170 | 0.04 | CVE-2022-3332 |

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 176.31.106.50 | ns392559.ip-176-31-106.eu | DNSBirthday | | 2021-05-31 | verified | High |
| 2 | XXX.XXX.XXX.XX | xxx-xxxx-xxxxxx.xxxxxxxx.xxx | Xxxxxxxxxxx | | 2021-05-31 | verified | High |
| 3 | XXX.XXX.XX.XX | | Xxxxxxxxxxx | | 2021-05-31 | verified | High |
| 4 | XXX.XXX.XX.XX | | Xxxxxxxxxxx | | 2021-05-31 | verified | High |

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (47)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/list_addr_fwresource_ip.php | predictive | High |
| 2 | File | /admin/maintenance/view_designation.php | predictive | High |
| 3 | File | /cgi-bin/login.cgi | predictive | High |
| 4 | File | /forum/away.php | predictive | High |
| 5 | File | /modules/profile/index.php | predictive | High |
| 6 | File | /probe?target | predictive | High |
