Bouvet Island Unknown Análise

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (17)

Idioma

en	16
fr	2

País

us	12
fr	2
ru	2

Actores

Chthonic	1
Gabon	1

Interesse

Tipo

Not Defined	4
Forum Software	2
Web Server	2
Operating System	2
File Transfer Software	2

Fabricante

Not Defined	10
Microsoft	2
Oracle	2
Studio 42	2

Produto

Codoforum	2
lighttpd	2
Microsoft Windows	2
vsftpd	2
myPHPNuke	2

Vulnerabilidades

#	Vulnerabilidade	Base	Temp	0day	Hoje	Exp	Mas	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash Divulgação de Informação	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
2	vsftpd deny_file vulnerabilidade desconhecida	3.7	3.6	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00312	0.02	CVE-2015-1419
3	Microsoft Windows Multimedia Library winmm.dll Excesso de tampão	10.0	9.5	$100k e mais	$0-$5k	High	Official Fix	0.97281	0.04	CVE-2012-0003
4	Smarty direitos alargados	9.8	9.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00194	0.00	CVE-2010-4727
5	Codoforum User Registration Roteiro Cruzado de Sítios	5.2	4.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00148	0.05	CVE-2020-5842
6	Pivotal RabbitMQ password direitos alargados	7.7	7.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00343	0.00	CVE-2016-9877
7	Apache ActiveMQ Web-based Administration Console queue.jsp Roteiro Cruzado de Sítios	6.8	6.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.34776	0.03	CVE-2018-8006
8	Oracle MySQL Workbench Fraca autenticação	9.1	9.0	$25k-$100k	$0-$5k	High	Official Fix	0.15306	0.00	CVE-2018-10933
9	Intel Server Board/Compute Module Platform Sample/Silicon Reference firmware direitos alargados	5.4	5.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00062	0.00	CVE-2018-12204
10	Unix SGID direitos alargados	6.3	6.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.02
11	Studio 42 elFinder elFinder.class.php zipdl Directório Traversal	7.8	7.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00434	0.00	CVE-2018-9109
12	Pilotgroup eLMS Pro subscribe.php Roteiro Cruzado de Sítios	4.3	4.3	$0-$5k	$0-$5k	High	Unavailable	0.00220	0.07	CVE-2010-2356
13	myPHPNuke print.php Roteiro Cruzado de Sítios	4.3	3.9	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00220	0.01	CVE-2008-4089
14	WordPress Password Reset wp-login.php mail direitos alargados	6.1	5.8	$5k-$25k	$0-$5k	Proof-of-Concept	Not Defined	0.02827	0.02	CVE-2017-8295
15	lighttpd Log File http_auth.c direitos alargados	7.5	7.1	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.01123	0.00	CVE-2015-3200

IOC - Indicator of Compromise (8)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	Endereço IP	Hostname	Actor	Identified	Tipo	Aceitação
1	31.28.161.170		Bouvet Island Unknown	09/11/2022	verified	Alto
2	45.12.70.34	actualise.get-eye.com	Bouvet Island Unknown	09/11/2022	verified	Alto
3	XX.XX.XX.XX		Xxxxxx Xxxxxx Xxxxxxx	09/11/2022	verified	Alto
4	XX.XX.XX.X		Xxxxxx Xxxxxx Xxxxxxx	06/02/2023	verified	Alto
5	XXX.XXX.XXX.X		Xxxxxx Xxxxxx Xxxxxxx	09/11/2022	verified	Alto
6	XXX.XX.XX.XX		Xxxxxx Xxxxxx Xxxxxxx	09/11/2022	verified	Alto
7	XXX.XX.XXX.XX		Xxxxxx Xxxxxx Xxxxxxx	09/11/2022	verified	Alto
8	XXX.XXX.XXX.XXX	xxx.xxx.xxxxxx.xxx	Xxxxxx Xxxxxx Xxxxxxx	09/11/2022	verified	Alto

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Vulnerabilidades	Tipo de acesso	Tipo	Aceitação
1	T1006	CWE-22	Path Traversal	predictive	Alto
2	T1055	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Alto
3	TXXXX.XXX	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Alto
4	TXXXX	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
5	TXXXX	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Alto
6	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Alto

IOA - Indicator of Attack (15)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Classe	Indicator	Tipo	Aceitação
1	File	data/gbconfiguration.dat	predictive	Alto
2	File	elFinder.class.php	predictive	Alto
3	File	http_auth.c	predictive	Médio
4	File	xxxxx.xxx?x=/xxxx/xxxxxxxx	predictive	Alto
5	File	xxxxx.xxx	predictive	Médio
6	File	xxxxx.xxx	predictive	Médio
7	File	xxxxxxxxx.xxx	predictive	Alto
8	File	xxxxxxxx/xxxxxxxx	predictive	Alto
9	File	xx-xxxxx.xxx	predictive	Médio
10	Library	xxxxx.xxx	predictive	Médio
11	Argument	?xxx	predictive	Baixo
12	Argument	xxxxxx_xx	predictive	Médio
13	Argument	xxxx	predictive	Baixo
14	Argument	xxxxxxxxxxx	predictive	Médio
15	Argument	xxx	predictive	Baixo

Referências (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ VoltarVisão GeralPróximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!