Panda Analysis

IOB - Indicator of Behavior (550)

Language: en (494), zh (48), de (4), es (2), pl (2)

Country: us (304), cn (140), ir (4), jp (2), gb (2)

Product: Oracle Database Server (42), Microsoft Windows (26), Siemens SIMATIC PCS 7 (16), Siemens SIMATIC WinCC (10), Apache HTTP Server (10)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Atlassian Jira Service Management Server/Data Center InsightDefaultCustomFieldConfig.jspa cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00054 | CVE-2021-43943 |
| 2 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.36 | 0.00943 | CVE-2010-0966 |
| 3 | Citrix Gateway privilege escalation | 7.5 | 7.5 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00137 | CVE-2020-10111 |
| 4 | webbuilders-group silverstripe-kapost-bridge KapostService.php getPreview sql injection | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.12 | 0.00141 | CVE-2015-10077 |
| 5 | F5 BIG-IP Advanced WAF Appliance Mode Restrictions Privilege Escalation | 7.9 | 7.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00065 | CVE-2022-25946 |
| 6 | vsftpd deny_file unknown vulnerability | 3.7 | 3.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00312 | CVE-2015-1419 |
| 7 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.00 | 0.10737 | CVE-2016-6210 |
| 8 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055 |
| 9 | SmarterTools SmarterMail directory traversal | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00062 | CVE-2019-7213 |
| 10 | Joomla CMS sql injection | 7.3 | 6.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00264 | CVE-2013-1453 |
| 11 | Microsoft Windows Hyper-V privilege escalation | 8.4 | 8.2 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00137 | CVE-2019-0620 |
| 12 | Thomson Reuters Desktop Extensions Service Port 6677 ThomsonReuters.Desktop.Service.exe directory traversal | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.15636 | CVE-2019-8385 |
| 13 | OpenCycleCompass server-php login.php sql injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00132 | CVE-2015-10086 |
| 14 | luelista miniConf URL Scanning MessageView.cs denial of service | 4.8 | 4.8 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00088 | CVE-2015-10025 |
| 15 | DBRisinajumi d2files D2filesController.php actionDownloadFile sql injection | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.10 | 0.00144 | CVE-2015-10018 |
| 16 | 82Flex WEIPDCRM cross site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.17 | 0.00063 | CVE-2015-10007 |
| 17 | ByWater Solutions bywater-koha-xslt systempreferences.pl StringSearch sql injection | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.00145 | CVE-2015-10091 |
| 18 | githuis P2Manage Database.cs Execute sql injection | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00148 | CVE-2015-10054 |
| 19 | HPI-Information-Systems ProLOD sql injection | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00148 | CVE-2015-10017 |
| 20 | OpenDNS OpenResolve API endpoints.py get cross site scripting | 4.1 | 4.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.12 | 0.00063 | CVE-2015-10010 |

IOC - Indicator of Compromise (23)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (21)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |
| 5 | T1068 | CWE-264, CWE-269, CWE-284 | Execution with Unnecessary Privileges | predictive | High |

IOA - Indicator of Attack (232)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/ | predictive | Low |
| 2 | File | /api/addusers | predictive | High |
| 3 | File | /api/blade-log/api/list | predictive | High |
| 4 | File | /cgi-bin/editBookmark | predictive | High |
| 5 | File | /cgi-bin/go | predictive | Medium |
| 6 | File | /cgi-bin/system_mgr.cgi | predictive | High |
| 7 | File | /cgi-bin/webviewer_login_page | predictive | High |
| 8 | File | /client/api/json/v2/nfareports/compareReport | predictive | High |
| 9 | File | /dede/file_manage_control.php | predictive | High |
| 10 | File | /etc/services/DEVICE.TIME.php | predictive | High |
| 11 | File | /forum/away.php | predictive | High |
| 12 | File | /horde/imp/search.php | predictive | High |
| 13 | File | /index.php | predictive | Medium |
| 14 | File | /netflow/jspui/selectDevice.jsp | predictive | High |
| 15 | File | /public/login.htm | predictive | High |
| 16 | File | /public/login.htm?errormsg=&loginurl=%22%3E%3Csvg%20onload=prompt%28/XSS/%29%3E | predictive | High |
| 17 | File | /reports/rwservlet | predictive | High |
| 18 | File | /SASWebReportStudio/logonAndRender.do | predictive | High |
| 19 | File | /search.htm?searchtext=%22%3E%3Csvg%20onload=prompt%28/XSS/%29%3E | predictive | High |
| 20 | File | /secure/admin/InsightDefaultCustomFieldConfig.jspa | predictive | High |
| 21 | File | /secure/admin/ViewInstrumentation.jspa | predictive | High |
| 22 | File | /spip.php | predictive | Medium |
| 23 | File | /tab_tariffe.php | predictive | High |
| 24 | File | /tmp | predictive | Low |
| 25 | File | /tmp/app/.env | predictive | High |

References (4)

The following list contains external sources which discuss the actor and the associated activities:
