Chalubo Analysis

IOB - Indicator of Behavior (45)

Timeline

Language

en (34)
zh (10)
ru (2)

Country

cn (26)
us (18)
ru (2)

Product

Synacor Zimbra Collaboration (4)
Joomla CMS (2)
Craft CMS (2)
MikroTik Winbox (2)
Deltek Vision (2)

Vulnerabilities

#  | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE
1  | Cisco Unified Communications Manager TLS Certificate weak encryption | 5.3 | 4.6 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00110 | 0.00 | CVE-2014-7991
2  | Mobile Device Monitoring Service API privilege escalation | 5.5 | 5.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00151 | 0.00 | CVE-2022-0732
3  | Deltek Vision RPC over HTTP SQL sql injection | 8.0 | 8.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00576 | 0.03 | CVE-2018-18251
4  | Kerio Connect/Connect Client Desktop Application E-Mail Preview privilege escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00185 | 0.05 | CVE-2017-7440
5  | Google Chrome V8 privilege escalation | 7.5 | 7.4 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00082 | 0.05 | CVE-2024-0518
6  | Google Chrome V8 information disclosure | 7.5 | 7.4 | $25k-$100k | $5k-$25k | High | Official Fix | 0.00179 | 0.00 | CVE-2024-0519
7  | Fortinet FortiWeb Authorization Header sql injection | 7.7 | 7.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00131 | 0.05 | CVE-2020-29015
8  | Ignition Automation Ignition JavaSerializationCodec privilege escalation | 9.8 | 9.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00065 | 0.03 | CVE-2023-39476
9  | QNAP QTS Photo Station privilege escalation | 8.5 | 8.4 | $0-$5k | $0-$5k | High | Official Fix | 0.96341 | 0.06 | CVE-2019-7192
10 | Hikvision Hybrid SAN Web Module privilege escalation | 8.2 | 8.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.26770 | 0.05 | CVE-2022-28171
11 | Synacor Zimbra Collaboration mboximport directory traversal | 4.7 | 4.5 | $0-$5k | $0-$5k | High | Official Fix | 0.94758 | 0.03 | CVE-2022-27925
12 | Gitblit directory traversal | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00773 | 0.07 | CVE-2022-31268
13 | Open Webmail openwebmail-main.pl cross site scripting | 4.3 | 4.2 | $0-$5k | $0-$5k | High | Unavailable | 0.00249 | 0.00 | CVE-2007-4172
14 | Johannes Sixt Kdbg .kdbgrc privilege escalation | 5.9 | 5.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00042 | 0.00 | CVE-2003-0644
15 | Litespeed Technologies OpenLiteSpeed Web Server Dashboard directory traversal | 5.5 | 5.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00071 | 0.04 | CVE-2022-0072
16 | Dovecot Quoted String memory corruption | 8.5 | 8.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.61388 | 0.04 | CVE-2019-11500
17 | MODX CMS modRestServiceRequest XML External Entity | 7.3 | 7.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00236 | 0.00 | CVE-2020-25911
18 | RoundCube sql injection | 6.3 | 6.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00435 | 0.03 | CVE-2021-44026
19 | Valmet DNA Service Port 1517 privilege escalation | 9.3 | 9.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00154 | 0.00 | CVE-2021-26726
20 | WordPress URL privilege escalation | 8.5 | 8.4 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00712 | 0.00 | CVE-2019-17670

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence
1 | 103.27.185.139 | | Chalubo | | 24.01.2022 | verified | Medium
2 | XXX.XX.XXX.XXX | | Xxxxxxx | | 24.01.2022 | verified | Medium
3 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 30.05.2024 | verified | Very High
4 | XXX.XXX.XXX.XXX | | Xxxxxxx | | 30.05.2024 | verified | Very High

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Class | Vulnerabilities | Access Vector | Type | Confidence
1  | T1006 | CAPEC-126 | CWE-21, CWE-22 | Path Traversal | predictive | High
2  | T1055 | CAPEC-10 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High
3  | T1059 | CAPEC-242 | CWE-94 | Argument Injection | predictive | High
4  | TXXXX.XXX | CAPEC-209 | CWE-XXX | Xxxx Xxxx Xxxxxxxxx | predictive | High
5  | TXXXX | CAPEC-122 | CWE-XXX, CWE-XXX, CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High
6  | TXXXX | CAPEC-108 | CWE-XX | Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | predictive | High
7  | TXXXX.XXX | CAPEC-178 | CWE-XXX | Xxxx Xxxxxxxx | predictive | High
8  | TXXXX | CAPEC-108 | CWE-XX | Xxx Xxxxxxxxx | predictive | High
9  | TXXXX.XXX | CAPEC-133 | CWE-XXX | Xxxxxxxx | predictive | High
10 | TXXXX.XXX | CAPEC- | CWE-XX | Xxxxxxxxxxxxx | predictive | High
11 | TXXXX | CAPEC- | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High
12 | TXXXX.XXX | CAPEC-1 | CWE-XXX | Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | predictive | High

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Type | Confidence
1  | File | .kdbgrc | predictive | Low
2  | File | /resources//../ | predictive | High
3  | File | /xxxxxxx/ | predictive | Medium
4  | File | xxxxxxxx/xxxxxxxxxx/xxxxx-xx-xxxxxxxxx-xxxxxxxx.xxx | predictive | High
5  | File | xxxxx.xxx | predictive | Medium
6  | File | xxxxxxxxxxx-xxxx.xx | predictive | High
7  | File | xxxx.xx.xx | predictive | Medium
8  | Argument | xxxxxx_xxxxx_xxx | predictive | High
9  | Argument | xxx | predictive | Low
10 | Argument | xxxxxx/xxxxxx_xxxxxx | predictive | High
11 | Input Value | xxxx/xxxxx/xxxxxxxx/xxxxxxx/xx/xxxxxxx/xxxxxxxxxx/xx_xxxx | predictive | High
12 | Input Value | \x | predictive | Low
13 | Network Port | xxxxx | predictive | Low
14 | Network Port | xxx/xx (xxx) | predictive | Medium

References (3)

The following list contains external sources which discuss the actor and the associated activities:
