Chalubo Analysis

IOB - Indicator of Behavior (45)

Timeline (chart not reproduced)

Language: en 34, zh 10, de 2

Country: cn 24, us 18, de 2

Actors, Activities, Interest, Timeline, Type, Vendor (charts not reproduced)

Product: Joomla CMS 4, Synacor Zimbra Collaboration 4, Gitblit 2, Valmet DNA 2, Dovecot 2

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Mas | EPSS | CTI | CVE
1 | Cisco Unified Communications Manager TLS Certificate weak encryption | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00110 | 0.00 | CVE-2014-7991
2 | Mobile Device Monitoring Service API privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00151 | 0.00 | CVE-2022-0732
3 | Deltek Vision RPC over HTTP SQL sql injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00576 | 0.03 | CVE-2018-18251
4 | Kerio Connect/Connect Client Desktop Application E-Mail Preview privilege escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00185 | 0.05 | CVE-2017-7440
5 | Google Chrome V8 privilege escalation | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00082 | 0.05 | CVE-2024-0518
6 | Google Chrome V8 information disclosure | 7.5 | 7.4 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00179 | 0.00 | CVE-2024-0519
7 | Fortinet FortiWeb Authorization Header sql injection | 7.7 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00131 | 0.05 | CVE-2020-29015
8 | Ignition Automation Ignition JavaSerializationCodec privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00065 | 0.03 | CVE-2023-39476
9 | QNAP QTS Photo Station privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | High | Official Fix | 0.96341 | 0.06 | CVE-2019-7192
10 | Hikvision Hybrid SAN Web Module privilege escalation | 8.2 | 8.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.26770 | 0.05 | CVE-2022-28171
11 | Synacor Zimbra Collaboration mboximport directory traversal | 4.7 | 4.5 | $0-$5k | $0-$5k | High | Official Fix | 0.94758 | 0.00 | CVE-2022-27925
12 | Gitblit directory traversal | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00773 | 0.04 | CVE-2022-31268
13 | Open Webmail openwebmail-main.pl cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00249 | 0.00 | CVE-2007-4172
14 | Johannes Sixt Kdbg .kdbgrc privilege escalation | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2003-0644
15 | Litespeed Technologies OpenLiteSpeed Web Server Dashboard directory traversal | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00071 | 0.04 | CVE-2022-0072
16 | Dovecot Quoted String buffer overflow | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61388 | 0.04 | CVE-2019-11500
17 | MODX CMS modRestServiceRequest XML External Entity | 7.3 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00236 | 0.00 | CVE-2020-25911
18 | RoundCube sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00435 | 0.00 | CVE-2021-44026
19 | Valmet DNA Service Port 1517 privilege escalation | 9.3 | 9.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00154 | 0.00 | CVE-2021-26726
20 | WordPress URL privilege escalation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00712 | 0.00 | CVE-2019-17670

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP Address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 103.27.185.139 | | Chalubo | | 24/01/2022 | verified | Medium
2 | XXX.XX.XXX.XXX | | Xxxxxxx | | 24/01/2022 | verified | Medium
3 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 30/05/2024 | verified | Very High
4 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 30/05/2024 | verified | Very High

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Type | Type | Confidence
1 | T1006 | CAPEC-126 | CWE-21, CWE-22 | Path Traversal | predictive | High
2 | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
3 | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High
4 | TXXXX.XXX | CAPEC-209 | CWE-XXX | xxxx Xxxx Xxxxxxxxx | predictive | High
5 | TXXXX | CAPEC-122 | CWE-XXX, CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High
6 | TXXXX | CAPEC-108 | CWE-XXX | xxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | High
7 | TXXXX.XXX | CAPEC-178 | CWE-XXX | Xxxx Xxxxxxxx | predictive | High
8 | TXXXX | CAPEC-108 | CWE-XXX | xx Xxxxxxxxx | predictive | High
9 | TXXXX.XXX | CAPEC-133 | CWE-XXX | Xxxxxxxx | predictive | High
10 | TXXXX.XXX | CAPEC- | CWE-XXX | xxxxxxxxxxxx | predictive | High
11 | TXXXX | CAPEC- | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High
12 | TXXXX.XXX | CAPEC-1 | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | .kdbgrc | predictive | Low
2 | File | /resources//../ | predictive | High
3 | File | /xxxxxxx/ | predictive | Medium
4 | File | xxxxxxxx/xxxxxxxxxx/xxxxx-xx-xxxxxxxxx-xxxxxxxx.xxx | predictive | High
5 | File | xxxxx.xxx | predictive | Medium
6 | File | xxxxxxxxxxx-xxxx.xx | predictive | High
7 | File | xxxx.xx.xx | predictive | Medium
8 | Argument | xxxxxx_xxxxx_xxx | predictive | High
9 | Argument | xxx | predictive | Low
10 | Argument | xxxxxx/xxxxxx_xxxxxx | predictive | High
11 | Input Value | xxxx/xxxxx/xxxxxxxx/xxxxxxx/xx/xxxxxxx/xxxxxxxxxx/xx_xxxx | predictive | High
12 | Input Value | \x | predictive | Low
13 | Network Port | xxxxx | predictive | Low
14 | Network Port | xxx/xx (xxx) | predictive | Medium

References (3)

The following list contains external sources which discuss the actor and the associated activities:
