Gallmaker Analysis

IOB - Indicator of Behavior (231)

Language

en: 192
zh: 36
pl: 2
ru: 2

Country

la: 190
us: 20
cn: 4

Product

Microsoft Windows: 6
Google Android: 6
Revive Adserver: 6
WordPress: 6
Microsoft Exchange Server: 4

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Tiki Admin Password tiki-login.php weak authentication | 8.0 | 7.7 | $0-$5k | $0-$5k | Not Defined | Official Fix | 2.71 | 0.00936 | CVE-2020-15906 |
| 2 | TikiWiki tiki-register.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 7.03 | 0.01009 | CVE-2006-6168 |
| 3 | Drupal Sanitization API cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00056 | CVE-2020-13672 |
| 4 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 3.75 | 0.00000 | |
| 5 | LiteSpeed Cache Plugin Shortcode cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00051 | CVE-2023-4372 |
| 6 | WebTitan Appliance Extensions Persistent cross-site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00000 | |
| 7 | ipTIME NAS-I Bulletin Manage privilege escalation | 7.1 | 7.1 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.03 | 0.00988 | CVE-2020-7847 |
| 8 | request-baskets API Request {name} privilege escalation | 6.4 | 6.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.05974 | CVE-2023-27163 |
| 9 | DZCP deV!L`z Clanportal config.php privilege escalation | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.59 | 0.00943 | CVE-2010-0966 |
| 10 | PHP phpinfo cross-site scripting | 4.3 | 3.9 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.03 | 0.02101 | CVE-2007-1287 |
| 11 | nginx privilege escalation | 6.9 | 6.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.08 | 0.00241 | CVE-2020-12440 |
| 12 | Microsoft Windows Scripting Engine Remote Code Execution | 5.9 | 5.1 | $25k-$100k | $5k-$25k | Unproven | Official Fix | 0.00 | 0.28182 | CVE-2021-34480 |
| 13 | DevExpress ASP.NET Web Forms ASPxHttpHandlerModule DXR.axd privilege escalation | 4.3 | 4.2 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.07 | 0.00166 | CVE-2022-41479 |
| 14 | Basilix Webmail login.php3 privilege escalation | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00000 | |
| 15 | JoomlaTune Com Jcomments admin.jcomments.php cross-site scripting | 4.3 | 4.1 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.03 | 0.00489 | CVE-2010-5048 |
| 16 | Microsoft Office Remote Code Execution | 7.0 | 6.1 | $5k-$25k | $0-$5k | Unproven | Official Fix | 0.00 | 0.00169 | CVE-2023-21735 |
| 17 | Alt-N MDaemon Worldclient privilege escalation | 4.9 | 4.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.04 | 0.00090 | CVE-2021-27182 |
| 18 | CouchCMS mysql2i.func.php Path information disclosure | 3.3 | 3.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00241 | CVE-2019-1010042 |
| 19 | Esri ArcGIS Server SQL injection | 8.1 | 8.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.03 | 0.00123 | CVE-2021-29114 |
| 20 | Shenzhen Yunni Technology iLnkP2P UID Generator Random weak encryption | 7.7 | 7.7 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00176 | CVE-2019-11219 |

IOC - Indicator of Compromise (3)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 94.140.116.124 | | Gallmaker | | 17.12.2020 | verified | High |
| 2 | XX.XXX.XXX.XXX | | Xxxxxxxxx | | 17.12.2020 | verified | High |
| 3 | XXX.XX.XXX.XX | xxxxxxx.xxxxx.xx | Xxxxxxxxx | | 17.12.2020 | verified | High |

TTP - Tactics, Techniques, Procedures (17)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-21, CWE-22 | Path Traversal | predictive | High |
| 2 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive | High |
| 3 | T1059 | CWE-88, CWE-94 | Argument Injection | predictive | High |
| 4 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive | High |

IOA - Indicator of Attack (122)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /admin/dl_sendmail.php | predictive | High |
| 2 | File | /api/baskets/{name} | predictive | High |
| 3 | File | /api/v2/cli/commands | predictive | High |
| 4 | File | /DXR.axd | predictive | Medium |
| 5 | File | /forum/away.php | predictive | High |
| 6 | File | /novel/bookSetting/list | predictive | High |
| 7 | File | /novel/userFeedback/list | predictive | High |
| 8 | File | /owa/auth/logon.aspx | predictive | High |
| 9 | File | /spip.php | predictive | Medium |
| 10 | File | /zm/index.php | predictive | High |
| 11 | File | adclick.php | predictive | Medium |
| 12 | File | admin.cropcanvas.php | predictive | High |
| 13 | File | admin.jcomments.php | predictive | High |
| 14 | File | application/modules/admin/views/ecommerce/products.php | predictive | High |
