PowerPool Analysis

IOB - Indicator of Behavior (47)

Language

en: 24
zh: 16
jp: 4
ko: 4

Product

kube-rbac-proxy: 2
Teltonika RUT9XX: 2
PostgreSQL: 2
ZyXEL NAS326: 2
ZyXEL NAS540: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Countermeasure | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | GitLab Community Edition/Enterprise Edition Image File Privilege Escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.01 | 0.97463 | CVE-2021-22205 |
| 2 | Oracle Java SE Libraries unknown vulnerability | 5.9 | 5.7 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.02 | 0.00249 | CVE-2021-2161 |
| 3 | Nginx Autoindex Module memory corruption | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00845 | CVE-2017-20005 |
| 4 | Juniper ScreenOS weak encryption | 7.3 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.02583 | CVE-2015-7756 |
| 5 | jforum User privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00289 | CVE-2019-7550 |
| 6 | Google Android System_server SkSwizzler.cpp onSetSampleX memory corruption | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00125 | CVE-2019-1986 |
| 7 | Microsoft Azure DevOps Server unknown vulnerability | 6.1 | 5.3 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00427 | CVE-2021-28459 |
| 8 | IBM Spectrum Scale GPFS Command Line Utility information disclosure | 5.7 | 5.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00051 | CVE-2018-1723 |
| 9 | Microsoft Azure Stack Hub information disclosure | 5.9 | 5.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.02 | 0.00073 | CVE-2024-20679 |
| 10 | Apache Shiro API directory traversal | 8.0 | 7.9 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.05 | 0.00071 | CVE-2023-34478 |
| 11 | ZyXEL NAS326/NAS540 HTTP Request privilege escalation | 9.8 | 9.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.02427 | CVE-2023-27992 |
| 12 | Google Chrome V8 privilege escalation | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | 0.00177 | CVE-2022-4174 |
| 13 | Appsmith List Widget cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.04 | 0.00099 | CVE-2022-39824 |
| 14 | XpressEngine XE Normal Button privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00058 | CVE-2021-44912 |
| 15 | PHP SOAP Extension unserialize information disclosure | 8.1 | 7.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.04 | 0.06579 | CVE-2015-4600 |
| 16 | kube-rbac-proxy TLS Configuration weak encryption | 6.2 | 6.1 | $0-$5k | Calculating | Not Defined | Official Fix | 0.00 | 0.00430 | CVE-2019-3818 |
| 17 | GitBook Stored cross site scripting | 5.2 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00077 | CVE-2017-16019 |
| 18 | Oracle Java SE Libraries unknown vulnerability | 5.3 | 5.1 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00 | 0.00158 | CVE-2021-2163 |
| 19 | PostgreSQL memory corruption | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00543 | CVE-2021-32027 |
| 20 | Nginx Open Source/Plus/Ingress Controller Resolver memory corruption | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.58180 | CVE-2021-23017 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 27.102.106.149 | | PowerPool | | 2021-05-31 | verified | High |

TTP - Tactics, Techniques, Procedures (9)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 3 | TXXXX.XXX | CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XX, CWE-XX | Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 8 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High |
| 9 | TXXXX.XXX | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High |

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | autologin.cgi | predictive | High |
| 2 | File | command.php | predictive | Medium |
| 3 | File | xxxxx.xxx | predictive | Medium |
| 4 | File | xxxx/xxxxxxx.xxx | predictive | High |
| 5 | File | xxxxxx.x | predictive | Medium |
| 6 | File | xxxxxxxx/xxxxx/xxxxxxxx?xxxxxxxx | predictive | High |
| 7 | File | xxxxxxxxxx.xxx | predictive | High |
| 8 | Argument | xxx | predictive | Low |
| 9 | Argument | xxxxxxxxxxx | predictive | Medium |
| 10 | Argument | xx | predictive | Low |
| 11 | Input Value | .%xx.../.%xx.../ | predictive | High |
