DNSLock Analysis

IOB - Indicator of Behavior (11)

Language: fr (12)

Country: us (12)

Product

SAP 3D Visual Enterprise Viewer (4)
Foxit PhantomPDF (2)
foreman-debug (2)
Netgear R6120 (2)
Netgear R6080 (2)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | foreman-debug Log File Password privilege escalation | 5.9 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00226 | 0.03 | CVE-2016-9593 |
| 2 | Netgear R6120/R6080/R6260/R6220/R6020/JNR3210/WNR2020 mini_httpd Service weak authentication | 5.4 | 5.4 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00207 | 0.00 | CVE-2020-17409 |
| 3 | Foxit PhantomPDF U3D Object information disclosure | 3.8 | 3.8 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00119 | 0.00 | CVE-2020-17411 |
| 4 | Foxit PhantomPDF U3D Object information disclosure | 6.0 | 6.0 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00304 | 0.00 | CVE-2020-17412 |
| 5 | SAP Business Planning and Consolidation cross-site scripting | 4.4 | 4.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00054 | 0.00 | CVE-2020-6368 |
| 6 | SAP NetWeaver Application Server ABAP information disclosure | 4.3 | 4.3 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00054 | 0.00 | CVE-2020-6371 |
| 7 | SAP 3D Visual Enterprise Viewer PDF File denial of service | 6.0 | 6.0 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00081 | 0.00 | CVE-2020-6372 |
| 8 | SAP 3D Visual Enterprise Viewer PDF File denial of service | 6.0 | 6.0 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00081 | 0.00 | CVE-2020-6373 |
| 9 | SAP 3D Visual Enterprise Viewer JT File denial of service | 6.0 | 6.0 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00081 | 0.00 | CVE-2020-6374 |
| 10 | SAP 3D Visual Enterprise Viewer CGM File denial of service | 4.9 | 4.9 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.00061 | 0.00 | CVE-2020-6375 |
| 11 | SAP 3D Visual Enterprise Viewer RH File denial of service | 4.5 | 4.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00061 | 0.00 | CVE-2020-6376 |

IOC - Indicator of Compromise (6)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 18.220.249.233 | ec2-18-220-249-233.us-east-2.compute.amazonaws.com | DNSLock | | 08.04.2022 | verified | Medium |
| 2 | 52.77.199.193 | ec2-52-77-199-193.ap-southeast-1.compute.amazonaws.com | DNSLock | | 08.04.2022 | verified | Medium |
| 3 | XX.XXX.XXX.XX | xxx-xx-xxx-xxx-xx.xxxxxxx-x.xxxxxxxxx.xxx | Xxxxxxx | | 08.04.2022 | verified | Medium |
| 4 | XX.XXX.XXX.XXX | xxx-xx-xxx-xxx-xxx.xxxxxxx-x.xxxxxxxxx.xxx | Xxxxxxx | | 08.04.2022 | verified | Medium |
| 5 | XX.XXX.XX.XX | | Xxxxxxx | | 08.04.2022 | verified | High |
| 6 | XX.XXX.XXX.XXX | | Xxxxxxx | | 08.04.2022 | verified | High |

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 | Cross Site Scripting | predictive | High |
| 2 | TXXXX | CWE-XXX | Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 3 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
