BistroMath Analysis

IOB - Indicator of Behavior (214)

Language

en 170
de 38
ja 4
fr 2

Country

gb 126
us 52
ch 28
de 4
it 2

Product

Microsoft Windows 12
phpMyAdmin 8
Apache HTTP Server 8
Apache Tomcat 4
nginx 4

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Remediation | CTI | EPSS | CVE
1 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00241 | CVE-2020-12440
2 | Abacus ERP Multi Factor Authentication weak authentication | 7.2 | 7.0 | $0-$5k | Calculated | Not Defined | Official Fix | 0.00 | 0.00266 | CVE-2022-1065
3 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055
4 | Microsoft Windows Win32k Privilege Escalation | 7.2 | 6.5 | $25k-$100k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.00137 | CVE-2022-21882
5 | Apache OFBiz Exception information disclosure | 6.5 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00142 | CVE-2021-25958
6 | BlackBerry Protect Message Broker Privilege Escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Unavailable | 0.00 | 0.00044 | CVE-2021-32023
7 | Oracle WebLogic Server Core Remote Code Execution | 9.8 | 9.6 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.03 | 0.00137 | CVE-2023-22069
8 | Spring Framework JSONP Cross-Domain privilege escalation | 5.7 | 5.6 | $0-$5k | Calculated | Not Defined | Official Fix | 0.03 | 0.00264 | CVE-2018-11040
9 | ownCloud graphapi GetPhpInfo.php information disclosure | 7.6 | 7.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.89250 | CVE-2023-49103
10 | Esri ArcGIS Server SQL injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00123 | CVE-2021-29114
11 | Moment.js directory traversal | 6.9 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00330 | CVE-2022-24785
12 | Rapid4 RapidFlows Enterprise Application Builder GetFile.aspx directory traversal | 6.4 | 6.4 | $0-$5k | Calculated | Not Defined | Not Defined | 0.02 | 0.00071 | CVE-2019-11397
13 | Apache CXF MTOM Request XOP:Include privilege escalation | 7.6 | 7.5 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.02850 | CVE-2022-46364
14 | HCL Domino Server MIME Message buffer overflow | 9.8 | 9.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00491 | CVE-2020-14244
15 | sitepress-multilingual-cms Plugin class-wp-installer.php cross site request forgery | 6.5 | 6.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00427 | CVE-2020-10568
16 | Dropbear SSH privilege escalation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.02911 | CVE-2016-7406
17 | Atlassian JIRA Server/Data Center Email Template Privilege Escalation | 4.7 | 4.5 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.01 | 0.00181 | CVE-2021-43947
18 | Matrix libolm Session Object olm_session_describe buffer overflow | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00685 | CVE-2021-44538
19 | Apache Tomcat UTF-8 Decoder denial of service | 6.4 | 6.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.01830 | CVE-2018-1336
20 | polkit pkexec privilege escalation | 8.8 | 8.1 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.03 | 0.00046 | CVE-2021-4034

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (18)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (41)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /app/register.php | predictive | High
2 | File | /etc/cron.d/ | predictive | Medium
3 | File | /rom-0 | predictive | Low
4 | File | /uncpath/ | predictive | Medium
5 | File | /usr/bin/pkexec | predictive | High

References (3)

The following list contains external sources which discuss the actor and the associated activities: