AMOS Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Lang

de	112
es	112
it	94
sv	92
ru	88

Land

de	112
es	112
it	94
sv	92
ru	88

Skådespelare

Unknown	1

Intressera

Typ

Not Defined	68
WordPress Plugin	8
Operating System	2
Remote Access Software	2
Router Operating System	2

Säljare

Tenda	50
Not Defined	6
Hualai Xiaofang	2
Linux	2
Broadstreet Xpress	2

Produkt

Tenda W15E	14
Tenda i21	8
Tenda AX1806	6
Tenda W9	4
Tenda AC8	4

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	Contemporary Controls BASrouter BACnet BASRT-B Device-Communication-Control Service förnekande av tjänsten	6.5	5.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.40	CVE-2024-4292
2	Tenda AC8 SetRebootTimer formSetRebootTimer minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.35	CVE-2024-4065
3	PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php cross site scripting	3.5	3.2	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.48	CVE-2024-4293
4	Tenda W15E setStaticRoute formSetStaticRoute minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.44	CVE-2024-4125
5	Tenda 4G300 sub_4279CC minneskorruption	8.8	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	1.31	CVE-2024-4169
6	Kashipara Online Furniture Shopping Ecommerce Website prodInfo.php sql injektion	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00087	1.65	CVE-2024-4071
7	Tenda TX9 SetSysTimeCfg sub_42D4DC minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.07	CVE-2024-4113
8	PHPGurukul Doctor Appointment Management System view-appointment-detail.php privilegier eskalering	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.01	CVE-2024-4294
9	Tenda AX1806 execCommand R7WebsSecurityHandler minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.11	CVE-2024-4237
10	Tenda TX9 PowerSaveSet sub_42C014 minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.05	CVE-2024-4114
11	Tenda i21 formQosManageDouble_user minneskorruption	8.8	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.87	CVE-2024-4245
12	Tenda W9 DhcpSetSer fromDhcpSetSer minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.27	CVE-2024-4244
13	Techkshetra Info Solutions Savsoft Quiz Category Page editCategory cross site scripting	2.4	2.2	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.90	CVE-2024-4256
14	Tenda W15E modifyIpMacBind formIPMacBindModify minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.85	CVE-2024-4120
15	Tenda W15E DelPortMapping formDelPortMapping minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.32	CVE-2024-4117
16	Tenda 4G300 sub_429A30 minneskorruption	8.8	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.83	CVE-2024-4170
17	Tenda i22 formSetUrlFilterRule minneskorruption	8.8	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00045	0.79	CVE-2024-4252
18	Tenda W30E WizardHandle fromWizardHandle minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	0.87	CVE-2024-4171
19	SourceCodester Simple Subscription Website view_application.php sql injektion	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.46	CVE-2024-4093
20	Tenda i21 DhcpSetSe fromDhcpSetSer minneskorruption	8.8	8.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00045	1.19	CVE-2024-4251

IOC - Indicator of Compromise (36)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Identified	Typ	Förtroende
1	5.42.64.45		AMOS	31/01/2024	verified	Hög
2	5.42.64.83		AMOS	15/04/2024	verified	Hög
3	5.42.65.55		AMOS	07/12/2023	verified	Hög
4	5.42.65.102		AMOS	15/04/2024	verified	Hög
5	5.42.65.106		AMOS	15/04/2024	verified	Hög
6	5.42.65.107		AMOS	04/02/2024	verified	Hög
7	5.42.65.108		AMOS	17/01/2024	verified	Hög
8	5.42.66.22		AMOS	15/04/2024	verified	Hög
9	X.XX.XX.X		Xxxx	15/04/2024	verified	Hög
10	X.XXX.XX.X	xxxxxxxx-xxxxxx.xxxx.xxxxxxx	Xxxx	23/12/2023	verified	Hög
11	XX.XX.XXX.XXX	xxxxxxxxx.xxxxxxx.xxx.xx	Xxxx	15/04/2024	verified	Hög
12	XX.XX.XXX.XXX	xxxxxxxxx.xxxxxxx.xxx.xx	Xxxx	15/04/2024	verified	Hög
13	XX.XXX.XX.XX	xxx-xx-xxx-xx-xx.xxxxx-xxxx.xx	Xxxx	15/08/2023	verified	Hög
14	XX.XXX.XXX.X	.	Xxxx	10/04/2024	verified	Hög
15	XX.XXX.XXX.XXX	xxx-xxxxxx.xxxx.xxxxxxx	Xxxx	08/01/2024	verified	Hög
16	XX.XXX.XXX.XX		Xxxx	15/04/2024	verified	Hög
17	XX.XXX.XXX.XXX	xxxxxxx.xxx.xxxxxx-xxxxxx.xxxx	Xxxx	15/04/2024	verified	Hög
18	XX.XXX.XXX.XXX	xxxxxxxxxx-xxxx-xxxxxx.xxxx.xxxxxxx	Xxxx	18/01/2024	verified	Hög
19	XXX.XX.XX.XXX		Xxxx	29/10/2023	verified	Hög
20	XXX.XX.XXX.XX	xxxxxx.xx.xxx.xx.xxx.xxxxxxx.xxxx-xxxxxx.xx	Xxxx	15/04/2024	verified	Hög
21	XXX.XX.XX.XXX	xxxx.xxxxxxxxxxxx.xxx	Xxxx	15/10/2023	verified	Hög
22	XXX.XX.XXX.XXX		Xxxx	29/10/2023	verified	Hög
23	XXX.XXX.XX.XXX		Xxxx	18/09/2023	verified	Hög
24	XXX.XXX.XXX.XX		Xxxx	17/12/2023	verified	Hög
25	XXX.XXX.XXX.XXX		Xxxx	10/03/2024	verified	Hög
26	XXX.XXX.XXX.XXX		Xxxx	07/12/2023	verified	Hög
27	XXX.XXX.XXX.XX		Xxxx	15/12/2023	verified	Hög
28	XXX.XXX.XXX.XXX		Xxxx	29/09/2023	verified	Hög
29	XXX.XXX.X.XXX	xxxxxxx.xxx.xxxxxx-xxxxxx.xxxx	Xxxx	15/04/2024	verified	Hög
30	XXX.XXX.XXX.XXX		Xxxx	01/05/2024	verified	Hög
31	XXX.XXX.XXX.XXX		Xxxx	19/03/2024	verified	Hög
32	XXX.XXX.XXX.XXX		Xxxx	19/03/2024	verified	Hög
33	XXX.XXX.XXX.XXX		Xxxx	17/04/2024	verified	Hög
34	XXX.XXX.XXX.XXX		Xxxx	19/03/2024	verified	Hög
35	XXX.XX.XX.XX		Xxxx	16/11/2023	verified	Hög
36	XXX.XXX.XXX.XXX		Xxxx	21/10/2023	verified	Hög

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klass	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	Hög
2	T1068	CAPEC-19	CWE-284	Execution with Unnecessary Privileges	predictive	Hög
3	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Hög
4	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Hög
5	TXXXX	CAPEC-37	CWE-XXX	Xxxxxxxxx Xxxxxxx Xx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög
6	TXXXX.XXX	CAPEC-459	CWE-XXX	Xxxxxxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
7	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög
8	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (96)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	/admin/admin_cl.php?mudi=revPwd	predictive	Hög
2	File	/cgi-bin/koha/opac-MARCdetail.pl	predictive	Hög
3	File	/doctor/view-appointment-detail.php	predictive	Hög
4	File	/goform/AddDnsForward	predictive	Hög
5	File	/goform/addIpMacBind	predictive	Hög
6	File	/goform/AdvSetMacMtuWan	predictive	Hög
7	File	/goform/DelDhcpRule	predictive	Hög
8	File	/goform/delIpMacBind	predictive	Hög
9	File	/goform/DelPortMapping	predictive	Hög
10	File	/goform/DhcpSetSe	predictive	Hög
11	File	/goform/DhcpSetSer	predictive	Hög
12	File	/goform/execCommand	predictive	Hög
13	File	/goform/modifyDhcpRule	predictive	Hög
14	File	/xxxxxx/xxxxxxxxxxxxxxx	predictive	Hög
15	File	/xxxxxx/xxxxxxxxxxxxxxxxxxxxx	predictive	Hög
16	File	/xxxxxx/xxxxxxxxxxxx	predictive	Hög
17	File	/xxxxxx/xxxxxxxxxxxx	predictive	Hög
18	File	/xxxxxx/xxxxxxxxxx	predictive	Hög
19	File	/xxxxxx/xxxxxxxxxxx	predictive	Hög
20	File	/xxxxxx/xxxxxxxxx	predictive	Hög
21	File	/xxxxxx/xxxxxxxxxxxxxxxx	predictive	Hög
22	File	/xxxxxx/xxxxxxxxxxxxxx	predictive	Hög
23	File	/xxxxxx/xxxxxxxxxxxxxx	predictive	Hög
24	File	/xxxxxx/xxxxxxxxxxxxxxxxxx	predictive	Hög
25	File	/xxxxxx/xxxxxxxxxxxxxx	predictive	Hög
26	File	/xxxxxx/xxxxxxxxxxxxx	predictive	Hög
27	File	/xxxxxx/xxxxxxxxxxxxxxxxxxx	predictive	Hög
28	File	/xxxxxx/xxxxxxxxxxx	predictive	Hög
29	File	/xxxxxx/xxxxxxxxxxx	predictive	Hög
30	File	/xxxxxx/xxxxxxxxxxxx	predictive	Hög
31	File	/xxxxxxxxxxxxx.xx	predictive	Hög
32	File	/xxxxxx/xxxxx.xxx/xxxxx/xxxxxxxxxxxx	predictive	Hög
33	File	/xxxxxxx.xx	predictive	Medium
34	File	/xxxx/xxxxxxx xxxxxx/xxx/xxx_xxxx_xxxxxx.xxx	predictive	Hög
35	File	/xxx/xxxxxxxxxxx.xxx	predictive	Hög
36	File	xxxxxxxxxxx-xxxxxxx-xxxxxxx-xxxxxxx.xxx	predictive	Hög
37	File	xxxxx/xxxxxxx/xxxxxxxxxxxxx.xx	predictive	Hög
38	File	xxxxxx/xxxxxx/xxx/xxxxxxxxxxx/xx.xx	predictive	Hög
39	File	xxxxx.xxx	predictive	Medium
40	File	xxxxxxxx.xxx	predictive	Medium
41	File	xxxxxxxx.xxx	predictive	Medium
42	File	xxxxxx.xxx	predictive	Medium
43	File	xxxxxxxxxxxx.xxx	predictive	Hög
44	File	xxxx_xxxxxxxxxxx.xxx	predictive	Hög
45	Argument	xxxxx_xxxxx	predictive	Medium
46	Argument	xxxxxxxxxxxx	predictive	Medium
47	Argument	xxxxxxxxxxxxx	predictive	Hög
48	Argument	xxxxxxxx_xxxx	predictive	Hög
49	Argument	xxxxxxxxxxxx	predictive	Medium
50	Argument	xxxxxxxxxx	predictive	Medium
51	Argument	xxxxxxx	predictive	Låg
52	Argument	xxxxxxxxxxx/xxxxxxxxx/xxxxxx/xxxxxxxx/xxxxxxxxxxxxx/xxxxxxxx/xxxxxxxx	predictive	Hög
53	Argument	xxxxxxxxxxxxxx	predictive	Hög
54	Argument	xxxxxxxxxxxxxxxx	predictive	Hög
55	Argument	xxxxxx	predictive	Låg
56	Argument	xxxxxx/xxxxx/xxxxxx	predictive	Hög
57	Argument	xxxxxxxx	predictive	Medium
58	Argument	xxxxxxxx/xxxxxx	predictive	Hög
59	Argument	xx/xxxx	predictive	Låg
60	Argument	xxxxxxxxxx	predictive	Medium
61	Argument	xx	predictive	Låg
62	Argument	xx	predictive	Låg
63	Argument	xxxxxxxxxxxxxx	predictive	Hög
64	Argument	xxxxxxxxxxxxx	predictive	Hög
65	Argument	xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx	predictive	Hög
66	Argument	xxxx xxxxxx	predictive	Medium
67	Argument	xxxx	predictive	Låg
68	Argument	xxxx	predictive	Låg
69	Argument	xxxxx	predictive	Låg
70	Argument	xxxxxxxxxx	predictive	Medium
71	Argument	xxxx	predictive	Låg
72	Argument	xxxx	predictive	Låg
73	Argument	xxxxxxxx	predictive	Medium
74	Argument	xxxxxxxxxxxxxxxx	predictive	Hög
75	Argument	xxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx	predictive	Hög
76	Argument	xxxxxxxxxxxxxxxxxxxxxxxx	predictive	Hög
77	Argument	xxx	predictive	Låg
78	Argument	xxxxxx	predictive	Låg
79	Argument	xxxxxxxx	predictive	Medium
80	Argument	xxxxxxxxxxxxxxxxxx	predictive	Hög
81	Argument	xxxxxxxx	predictive	Medium
82	Argument	xxxxxxxxxx	predictive	Medium
83	Argument	xxxxxxxx	predictive	Medium
84	Argument	xxxxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxx	predictive	Hög
85	Argument	xxxxxxxxxxxx	predictive	Medium
86	Argument	xxxxxxxxx	predictive	Medium
87	Argument	xxxxxxxxxxxxxxxx	predictive	Hög
88	Argument	xxxx	predictive	Låg
89	Argument	xxxxxxxxxx	predictive	Medium
90	Argument	xxxxxxxxx	predictive	Medium
91	Argument	xxxxxxx	predictive	Låg
92	Argument	xxxxxx/xxxxxxxx/xxxxxxxxx/xxx/xxxxxxxxxxx/xxxxxxxxxx	predictive	Hög
93	Argument	xxxx/xxxxx/xxx/xxxx/xxxxxx/xxxxxx	predictive	Hög
94	Input Value	x"><xxxx>	predictive	Medium
95	Input Value	xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx	predictive	Hög
96	Input Value	><xxxxxx>xxxxx('xxx')</xxxxxx>	predictive	Hög

Referenser (13)

The following list contains external sources which discuss the actor and the associated activities:

Samples (8)

The following list contains associated samples:

◂ TidigareÖversiktNästa ▸

Interested in the pricing of exploits?

See the underground prices here!