Satori Analysis

IOB - Indicator of Behavior (177)

Language

en 156
es 18
fr 2
ru 2

Country

us 88
ru 34
es 10
se 10
nl 6

Product

Cisco Registered Envelope Service 6
Puppet Enterprise 4
PHP 4
RoundCube Webmail 4
AnyDesk 4

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exp | Mas | CTI | EPSS | CVE
1 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.63 | 0.00943 | CVE-2010-0966
2 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192
3 | Online Book Store admin_add.php privilege escalation | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.03533 | CVE-2020-19113
4 | Campcodes Online Thesis Archiving System manage_user.php SQL injection | 7.5 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.09 | 0.00073 | CVE-2023-2149
5 | GFI Kerio Control Login Page DOM-Based cross site scripting | 6.1 | 6.0 | $0-$5k | $0-$5k | Functional | Not Defined | 0.04 | 0.00200 | CVE-2019-16414
6 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.00 | 0.10737 | CVE-2016-6210
7 | Microsoft IIS cross site scripting | 5.2 | 4.7 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.02 | 0.00548 | CVE-2017-0055
8 | Progress MOVEit Automation Web Admin Application cross site scripting | 5.2 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00435 | CVE-2020-12677
9 | phpMyAdmin grab_globals.lib.php directory traversal | 4.8 | 4.4 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | 0.02334 | CVE-2005-3299
10 | Redis redis-cli buffer overflow | 7.1 | 6.8 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.05 | 0.00584 | CVE-2018-12326
11 | Wazzum Wazzum Dating Software profile_view.php SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00064 | CVE-2009-0293
12 | LimeSurvey File Upload directory traversal | 7.1 | 6.9 | $0-$5k | Calculated | Not Defined | Official Fix | 0.02 | 0.00248 | CVE-2018-1000659
13 | Apache HTTP Server ap_some_auth_required privilege escalation | 3.7 | 3.2 | $25k-$100k | $0-$5k | Unproven | Official Fix | 0.02 | 0.00522 | CVE-2015-3185
14 | Synacor Zimbra Collaboration XML External Entity | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00441 | CVE-2016-9924
15 | Samba Shared Library is_known_pipename SambaCry privilege escalation | 9.8 | 9.4 | $100k and more | $0-$5k | High | Official Fix | 0.02 | 0.97264 | CVE-2017-7494
16 | MikroTik RouterOS Winbox/HTTP Interface privilege escalation | 7.8 | 7.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00055 | CVE-2023-30799
17 | Oracle WebLogic Server jQuery cross site scripting | 6.1 | 6.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00660 | CVE-2015-9251
18 | Technitium DNS Server NS Record privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00054 | CVE-2021-43105
19 | PHP phpinfo cross site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.02101 | CVE-2007-1287
20 | Danneo CMS SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00 | 0.00135 | CVE-2009-3118

Campaigns (1)

These are the campaigns that can be associated with the actor:

  • CVE-2014-8361 / CVE 2017-17215

IOC - Indicator of Compromise (12)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (16)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Vulnerabilities | Access Type | Type | Acceptance
1 | T1006 | CWE-22 | Path Traversal | predictive | High
2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
3 | T1059 | CWE-94 | Argument Injection | predictive | High
4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High

IOA - Indicator of Attack (86)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Acceptance
1 | File | /admin/user/manage_user.php | predictive | High
2 | File | /anony/mjpg.cgi | predictive | High
3 | File | /plain | predictive | Low
4 | File | /public/login.htm | predictive | High
5 | File | /uncpath/ | predictive | Medium
6 | File | /wbms/classes/Master.php?f=delete_client | predictive | High
7 | File | 14all.cgi/14all-1.1.cgi/traffic.cgi/mrtg.cgi | predictive | High
8 | File | admin_add.php | predictive | High
9 | File | awstats.pl | predictive | Medium
10 | File | books.php | predictive | Medium
82 | Input Value | ../ | predictive | Low

References (4)

The following list contains external sources which discuss the actor and the associated activities:
