FakeAlert Analysis

IOB - Indicator of Behavior (51)

Language

en: 40
ru: 4
de: 4
es: 2
fr: 2

Product

Google Android: 2
TeamPass: 2
TP-LINK TL-WR740N: 2
TP-LINK TL-WR741N: 2
Microsoft Windows: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Netgear ProSAFE Network Management System getNodesByTopologyMapSearch SQL injection | 6.3 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00000 | CVE-2023-38099 |
| 2 | Samsung UWB Stack buffer overflow | 6.0 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00170 | CVE-2022-25818 |
| 3 | Cisco Linksys EA2700 URL information disclosure | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Unavailable | 0.08 | 0.00000 | |
| 4 | Basti2web Book Panel books.php SQL injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.04 | 0.00064 | CVE-2009-4889 |
| 5 | HotScripts Clone Script software-description.php SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00100 | CVE-2007-6084 |
| 6 | Linux Kernel Spectre Mitigation bugs.c spectre_v2_user_select_mitigation information disclosure | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00045 | CVE-2023-1998 |
| 7 | WordPress directory traversal | 5.7 | 5.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00326 | CVE-2023-2745 |
| 8 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00241 | CVE-2020-12440 |
| 9 | Nagios XI command_test.php Privilege Escalation | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.28543 | CVE-2023-48085 |
| 10 | Moment.js directory traversal | 6.9 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00330 | CVE-2022-24785 |
| 11 | Moodle LTI Module cross-site scripting | 4.8 | 4.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00921 | CVE-2022-35653 |
| 12 | ZoneMinder Language Privilege Escalation | 6.3 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.38401 | CVE-2022-29806 |
| 13 | ZoneMinder Snapshot Action shell_exec privilege escalation | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.97003 | CVE-2023-26035 |
| 14 | Microsoft IIS cross-site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055 |
| 15 | Redis Lua Script buffer overflow | 7.4 | 7.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.08 | 0.00329 | CVE-2022-24834 |
| 16 | Apple iOS/iPadOS Kernel Coldtro buffer overflow | 7.8 | 7.6 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00 | 0.00128 | CVE-2022-32894 |
| 17 | Asana Desktop information disclosure | 4.3 | 4.1 | $0-$5k | Calculated | Not Defined | Official Fix | 0.02 | 0.00218 | CVE-2022-26877 |
| 18 | Google Android App Pinning LockTaskController.java shouldLockKeyguard weak authentication | 6.0 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00042 | CVE-2021-0472 |
| 19 | XAMPP xampp-contol.ini privilege escalation | 7.0 | 6.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.07 | 0.00561 | CVE-2020-11107 |
| 20 | McAfee Network Security Management Command Line Interface information disclosure | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00042 | CVE-2020-7284 |

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access type | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22 | Path Traversal | predictive | High |
| 2 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 3 | TXXXX.XXX | CWE-XX, CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX | CWE-XXX | 7xx Xxxxxxxx Xxxxxxxx | predictive | High |
| 6 | TXXXX | CWE-XX | Xxx Xxxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX, CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

IOA - Indicator of Attack (32)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /getcfg.php | predictive | Medium |
| 2 | File | /uncpath/ | predictive | Medium |
| 3 | File | arch/x86/kernel/cpu/bugs.c | predictive | High |
| 4 | File | books.php | predictive | Medium |
| 5 | File | coders/tiff.c | predictive | High |
| 6 | File | xxxxxxx_xxxx.xxx | predictive | High |
| 7 | File | xxxxxxx.xxx | predictive | Medium |
| 8 | File | xxxxxx.xxx | predictive | Medium |
| 9 | File | xxxxxxx.xxx | predictive | Medium |
| 10 | File | xxxxxxxxxx.xxx | predictive | High |
| 11 | File | xxxxx.xxxxxxx.xxx | predictive | High |
| 12 | File | xxxx_xxxx.xxx | predictive | High |
| 13 | File | xxxxxxxxxxxxxxxxxx.xxxx | predictive | High |
| 14 | File | xxxx.xxx | predictive | Medium |
| 15 | File | xxxxxxxx.xxx | predictive | Medium |
| 16 | File | xxxxxxxxxx.xxx | predictive | High |
| 17 | File | xxxx_xxxxxxx_xxxxxxxx.xxx | predictive | High |
| 18 | File | xxxxxxxx-xxxxxxxxxxx.xxx | predictive | High |
| 19 | File | xxxxxxxxx.xx | predictive | Medium |
| 20 | File | xxxxx-xxxxxx.xxx | predictive | High |
| 21 | Library | xxxxxx.xxx | predictive | Medium |
| 22 | Argument | xxxxxx | predictive | Low |
| 23 | Argument | xxx | predictive | Low |
| 24 | Argument | xxx_xx | predictive | Low |
| 25 | Argument | xxx | predictive | Low |
| 26 | Argument | xxxx_xx | predictive | Low |
| 27 | Argument | xx | predictive | Low |
| 28 | Argument | xxxx_xx | predictive | Low |
| 29 | Argument | xxxxxxxx | predictive | Medium |
| 30 | Input Value | xxxx -x xxxxxxxx=xxxxxx.xxxxxxx xxxx://xxx.xxx.x.x/xxxxxx.xxx | predictive | High |
| 31 | Pattern | \|xx\|xx\|xx\| | predictive | Medium |
| 32 | Network Port | xxx xxxxxx xxxx | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
