Mispadu Анализ

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (24)

Язык

de	16
en	6
ar	2

Страна

us	22
ir	2

Акторы

Mispadu	2
TimbreStealer	1

Интерес

Тип

Not Defined	6
Content Management System	4
Printing Software	4
Operating System	4
Network Management Software	2

Поставщик

Not Defined	6
Xerox	4
Cisco	2
Televes	2
Tribe29	2

Продукт

Cisco Prime Infrastructure	2
Televes COAXDATA GATEWAY 1Gbps	2
SilverStripe	2
Tribe29 Checkmk	2
Xerox Workcentre 6400 Net Controller	2

Уязвимости

#	Уязвимости	Base	Temp	0day	Сегодня	Э�	Rem	EPSS	CTI	CVE
1	Huawei ACXXXX/SXXXX SSH Packet эскалация привилегий	7.5	7.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00246	0.07	CVE-2014-8572
2	Televes COAXDATA GATEWAY 1Gbps mib.db Credentials эскалация привилегий	7.5	7.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00225	0.02	CVE-2017-6532
3	Linux Kernel cxusb.c повреждение памяти	6.5	6.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00042	0.00	CVE-2017-8063
4	Cisco Prime Infrastructure Web Framework межсайтовый скриптинг	5.2	5.2	$5k-$25k	$0-$5k	Not Defined	Not Defined	0.00107	0.00	CVE-2017-6724
5	Huawei SXXX VRP MPLS LSP Ping раскрытие информации	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00096	0.24	CVE-2014-8570
6	Tribe29 Checkmk Livestatus Query Language эскалация привилегий	7.0	7.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.00	CVE-2022-47909
7	Tribe29 Checkmk Agent Updater Log File раскрытие информации	5.1	5.1	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00043	0.04	CVE-2022-48319
8	Microsoft Windows ISATAP эскалация привилегий	6.5	6.2	$25k-$100k	$0-$5k	Not Defined	Official Fix	0.06396	0.00	CVE-2010-0812
9	IBM DB2 эскалация привилегий	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00343	0.00	CVE-2011-1846
10	Nicholas Marriott tmux эскалация привилегий	5.9	5.6	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00051	0.00	CVE-2011-1496
11	WordPress обход каталога	5.7	5.6	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00273	0.20	CVE-2023-2745
12	netcf Path Expression find_ifcfg_path эскалация привилегий	5.9	5.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00662	0.00	CVE-2014-8119
13	Xerox Workcentre 5655 Authorization раскрытие информации	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00268	0.00	CVE-2010-0548
14	Xerox Workcentre 6400 Net Controller раскрытие информации	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00282	0.00	CVE-2010-0549
15	SilverStripe раскрытие информации	5.3	5.1	$0-$5k	$0-$5k	Not Defined	Official Fix	0.01045	0.00	CVE-2010-5188
16	ubuntu Linux слабая аутентификация	10.0	9.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00400	0.00	CVE-2010-0834
17	Red Hat Enterprise Linux эскалация привилегий	5.3	5.3	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00485	0.00	CVE-2010-2598
18	Drupal Form API эскалация привилегий	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00093	0.05	CVE-2022-25271

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-адрес	Hostname	Актор	Identified	Тип	Уверенность
1	2.59.255.65		Mispadu	29.07.2023	verified	Высокий
2	X.XX.XXX.XXX	xxx-x-xx-xxx-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxx	31.05.2021	verified	Средний
3	XX.XXX.XX.XXX	xxx-xx-xxx-xx-xxx.xx-xxxx-x.xxxxxxx.xxxxxxxxx.xxx	Xxxxxxx	31.05.2021	verified	Средний
4	XX.XXX.XX.XXX		Xxxxxxx	16.02.2024	verified	Высокий
5	XX.XX.XX.XXX		Xxxxxxx	31.05.2021	verified	Высокий

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Класс	Уязвимости	Вектор доступа	Тип	Уверенность
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	Высокий
2	T1055	CAPEC-10	CWE-74	Improper Neutralization of Data within XPath Expressions	predictive	Высокий
3	TXXXX.XXX	CAPEC-209	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Высокий
4	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
5	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Высокий
6	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Высокий

IOA - Indicator of Attack (3)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Класс	Indicator	Тип	Уверенность
1	File	/mib.db	predictive	Низкий
2	File	xxxxxxx/xxxxx/xxx/xxx-xxx/xxxxx.x	predictive	Высокий
3	Argument	xxxxx_xxxxxxx	predictive	Высокий

Ссылки (4)

The following list contains external sources which discuss the actor and the associated activities:

◂ ПредыдущийОбзорДалее ▸

Interested in the pricing of exploits?

See the underground prices here!