NetDooka Analysis

IOB - Indicator of Behavior (127)

Language

en: 128

Country

de: 128

Product

Google Chrome: 6
Panasonic AiSEG2: 4
Cisco DNA Center: 4
QNAP QVR: 4
Siemens APOGEE MBC: 4

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE
1 | Panasonic AiSEG2 Header weak authentication | 9.2 | 9.2 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00053 | 0.00 | CVE-2023-28727
2 | Panasonic AiSEG2 privilege escalation | 8.4 | 8.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00186 | 0.02 | CVE-2023-28726
3 | Aruba ClearPass OnGuard Agent privilege escalation | 7.8 | 7.8 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00042 | 0.00 | CVE-2023-25590
4 | Aruba AOS-CX Network Analytics Engine Privilege Escalation | 7.7 | 7.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00171 | 0.02 | CVE-2023-1168
5 | Aruba ClearPass Policy Manager Web-based Management Interface privilege escalation | 7.1 | 7.1 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00089 | 0.02 | CVE-2023-25594
6 | Netgear Orbi Router RBR750 HTTP Request privilege escalation | 8.4 | 8.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00097 | 0.05 | CVE-2022-37337
7 | Hsycms Add Category Module cate.php cross-site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00186 | 0.18 | CVE-2023-1349
8 | Sage XRT Business Exchange Add Currencies/Payment Order/Transfer History SQL injection | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00071 | 0.00 | CVE-2022-34324
9 | TRENDnet TEW755AP wizard_ipv6 buffer overflow | 7.6 | 7.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00190 | 0.00 | CVE-2022-46583
10 | Elvexys StreamX HTML Component directory traversal | 5.4 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00067 | 0.00 | CVE-2022-4778
11 | Mozilla Thunderbird WebGL buffer overflow | 6.4 | 6.2 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00208 | 0.00 | CVE-2022-46880
12 | Aruba EdgeConnect Enterprise Web Management Interface Privilege Escalation | 8.0 | 8.0 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00137 | 0.00 | CVE-2022-44533
13 | Aruba Networks ArubaOS PAPI privilege escalation | 9.8 | 9.6 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00321 | 0.02 | CVE-2022-37897
14 | House Rental System view-property.php SQL injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00223 | 0.07 | CVE-2022-4274
15 | SimplePress Plugin cross-site scripting | 5.6 | 5.6 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00050 | 0.02 | CVE-2022-4027
16 | Mozilla Firefox window.print denial of service | 4.3 | 4.1 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00103 | 0.00 | CVE-2022-42929
17 | Juniper Junos OS/Junos OS Evolved RPD race condition | 5.9 | 5.8 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00095 | 0.00 | CVE-2022-22225
18 | Academy Learning Management System cross-site scripting | 4.8 | 4.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00212 | 0.02 | CVE-2022-38553
19 | Modern Campus Omni CMS login-page SQL injection | 8.0 | 7.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00158 | 0.06 | CVE-2022-40766
20 | XPDF AcroForm.cc buffer overflow | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00051 | 0.00 | CVE-2022-36561

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 195.201.81.165 | static.165.81.201.195.clients.your-server.de | NetDooka | - | 20/04/2023 | verified | High

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IOA - Indicator of Attack (34)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1 | File | /api/ZRMacClone/mac_addr_clone | predictive | High
2 | File | /controller/publishHotel.php&amp | predictive | High
3 | File | /fuelCM/fuel/pages/edit/1?lang=english | predictive | High
4 | File | /interface/main/backup.php | predictive | High
5 | File | /view-property.php | predictive | High
6 | File | /xx-xxxxx/xxxxx-xxxx.xxx | predictive | High
7 | File | /xxxx/xxxxxxxx.xx | predictive | High
8 | File | xxx/xxxxx/xxxxxx/xxxxx/xxxxx.xxx | predictive | High
9 | File | xxxxxxxxxx\xxxx.xxx | predictive | High
10 | File | xxxx/xx | predictive | Low
11 | File | xxxxxxxx/xxxxx-xxxx-xxxxxxxx.xxx | predictive | High
12 | File | xxxxxxxxxxxxxx.xxx | predictive | High
13 | File | xxxxxxxxxxxxxxxxxx.xxx | predictive | High
14 | File | \xxxxx\xxxxxxxxxxx | predictive | High
15 | Argument | xxxx | predictive | Low
16 | Argument | xxxxxxxxxxx | predictive | Medium
17 | Argument | xxxxxxx | predictive | Low
18 | Argument | xxxx | predictive | Low
19 | Argument | xxxxx/xxxxxxx | predictive | High
20 | Argument | xxxxxxx/xxxxx | predictive | High
21 | Argument | xxxx | predictive | Low
22 | Argument | xxxxxxxx | predictive | Medium
23 | Argument | xxxxx | predictive | Low
24 | Argument | xxxxxxxx_xx | predictive | Medium
25 | Argument | xxxxxx_xxxx | predictive | Medium
26 | Argument | xxxxxxxx | predictive | Medium
27 | Argument | xxxxxxxxxx | predictive | Medium
28 | Argument | xxxxxx | predictive | Low
29 | Argument | xxx | predictive | Low
30 | Argument | xxxxxxx | predictive | Low
31 | Argument | xxxxxxxxx_xxxxx_xxxxxxx_x | predictive | High
32 | Argument | xxxxx | predictive | Low
33 | Argument | xxxxx | predictive | Low
34 | Argument | x-xxxxxxxxx-xxx | predictive | High

References (2)

The following list contains external sources which discuss the actor and the associated activities:
