Bondnet Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (35)

Lang

en	22
zh	12
fr	2

Land

cn	20
us	14
fr	2

Skådespelare

Bondnet	8

Intressera

Typ

Not Defined	22
Programming Language Software	2
Content Management System	2
Backup Software	2
Hardware Driver Software	2

Säljare

Not Defined	10
Hikvision	6
PHP Arena	2
kalcaddle	2
Cognos	2

Produkt

Hikvision Intercom Broadcasting System	4
PHP Arena paFileDB	2
CMS Made Simple	2
kalcaddle KodExplorer	2
DataGear	2

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	Kubernetes kubelet pprof informationsgivning	7.3	7.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.55625	0.08	CVE-2019-11248
2	AWStats Config awstats.pl cross site scripting	4.3	4.1	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.00587	0.03	CVE-2006-3681
3	Microsoft Windows User Access Policy svag autentisering	7.8	7.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.02	CVE-1999-0505
4	Hikvision Intercom Broadcasting System ping.php privilegier eskalering	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.90160	0.06	CVE-2023-6895
5	Weaver E-Office File Upload utility_all.php privilegier eskalering	7.1	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00087	0.04	CVE-2023-2647
6	Weaver OA downfile.php informationsgivning	4.3	3.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00144	0.03	CVE-2023-2765
7	Hikvision LocalServiceComponents Messages Remote Code Execution	7.3	7.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00048	0.09	CVE-2023-28813
8	Hikvision Intercom Broadcasting System exportrecord.php kataloggenomgång	5.4	5.2	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00064	0.07	CVE-2023-6893
9	DataGear pagingQueryData sql injektion	7.5	7.3	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00119	0.07	CVE-2023-1571
10	kalcaddle KodExplorer förfalskning på begäran över webbplatsen	5.8	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00125	0.03	CVE-2022-4944
11	node-sqlite3 Remote Code Execution	7.8	7.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00281	0.00	CVE-2022-43441
12	Web2py Sample Web Application session.connect svag autentisering	8.5	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02059	0.04	CVE-2016-3953
13	Gxlcms TplAction.class.php add informationsgivning	7.5	7.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01201	0.05	CVE-2018-14685
14	O2OA invoke Privilege Escalation	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00497	0.04	CVE-2022-22916
15	Cognos Powerplay Web Edition ppdscgi.exe informationsgivning	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00000	0.04
16	Strapi Admin Panel privilegier eskalering	5.6	5.3	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00109	0.00	CVE-2021-28128
17	DZCP deV!L`z Clanportal config.php privilegier eskalering	7.3	6.6	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.00943	0.49	CVE-2010-0966
18	Schneider Electric EcoStruxure Control Expert/Unity Pro minneskorruption	7.0	7.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00072	0.00	CVE-2020-7560
19	Portainer privilegier eskalering	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01314	0.02	CVE-2020-24264
20	CMS Made Simple Watermark class.showtime2_image.php privilegier eskalering	6.5	6.2	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.55301	0.04	CVE-2019-9692

IOC - Indicator of Compromise (27)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Identified	Typ	Förtroende
1	47.90.206.226		Bondnet	13/02/2022	verified	Hög
2	50.207.71.22	50-207-71-22-static.hfc.comcastbusiness.net	Bondnet	13/02/2022	verified	Hög
3	59.3.127.132		Bondnet	13/02/2022	verified	Hög
4	69.90.114.185		Bondnet	13/02/2022	verified	Hög
5	72.167.201.140	ip-72-167-201-140.ip.secureserver.net	Bondnet	13/02/2022	verified	Hög
6	112.53.74.38		Bondnet	13/02/2022	verified	Hög
7	XXX.XXX.XX.XXX		Xxxxxxx	13/02/2022	verified	Hög
8	XXX.XXX.XXX.XXX		Xxxxxxx	13/02/2022	verified	Hög
9	XXX.XX.XXX.XX		Xxxxxxx	13/02/2022	verified	Hög
10	XXX.XXX.XXX.XX		Xxxxxxx	13/02/2022	verified	Hög
11	XXX.XXX.XXX.XXX		Xxxxxxx	13/02/2022	verified	Hög
12	XXX.XXX.XXX.XX		Xxxxxxx	13/02/2022	verified	Hög
13	XXX.XXX.XXX.XXX	xxx.xxxxx.xxx	Xxxxxxx	13/02/2022	verified	Hög
14	XXX.XX.XXX.XXX		Xxxxxxx	13/02/2022	verified	Hög
15	XXX.XX.XXX.XXX	xx.xx.xxxx.xxx.xxxxxx.xx-xxxxxxx.xxx	Xxxxxxx	13/02/2022	verified	Hög
16	XXX.XXX.XXX.XX		Xxxxxxx	13/02/2022	verified	Hög
17	XXX.XX.XX.X		Xxxxxxx	13/02/2022	verified	Hög
18	XXX.X.XXX.XX	xxxx.xxxxxxxx-xx.xx	Xxxxxxx	13/02/2022	verified	Hög
19	XXX.XXX.XX.XX	xxx.xxx.xx.xx.xxxxxx.xxxxx.xxx	Xxxxxxx	13/02/2022	verified	Hög
20	XXX.XXX.XX.XX		Xxxxxxx	13/02/2022	verified	Hög
21	XXX.XX.XXX.XXX	xxxxxx.xxxxx.xxx	Xxxxxxx	13/02/2022	verified	Hög
22	XXX.XX.XXX.XX	xxx-xx-xxx-xx.xxxxx-xx.xxxxx.xxx	Xxxxxxx	13/02/2022	verified	Hög
23	XXX.XXX.XXX.XXX		Xxxxxxx	13/02/2022	verified	Hög
24	XXX.XXX.XXX.XXX		Xxxxxxx	13/02/2022	verified	Hög
25	XXX.XXX.XX.XX		Xxxxxxx	13/02/2022	verified	Hög
26	XXX.XXX.X.XX		Xxxxxxx	13/02/2022	verified	Hög
27	XXX.XXX.XXX.XXX		Xxxxxxx	13/02/2022	verified	Hög

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klass	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1	T1006	CAPEC-126	CWE-22, CWE-36	Path Traversal	predictive	Hög
2	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	Hög
3	TXXXX.XXX	CAPEC-18	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	Hög
4	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
5	TXXXX.XXX	CAPEC-191	CWE-XXX	Xxxx-xxxxx Xxxxxxxxxxx	predictive	Hög
6	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	Hög
7	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	Hög
8	TXXXX	CAPEC-0	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
9	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög
10	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (25)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	/analysisProject/pagingQueryData	predictive	Hög
2	File	/debug/pprof	predictive	Medium
3	File	/E-mobile/App/System/File/downfile.php	predictive	Hög
4	File	/php/exportrecord.php	predictive	Hög
5	File	/xxx/xxxx.xxx	predictive	Hög
6	File	/xxxxxxx/xxx/xxxxxxx_xxx.xxx	predictive	Hög
7	File	/x_xxxxxxx_xxxxxx/xxxxx/xxxxxx	predictive	Hög
8	File	xxxxxxx.xx	predictive	Medium
9	File	xxxxx.xxxxxxxxx_xxxxx.xxx	predictive	Hög
10	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Hög
11	File	xxx/xxxxxx.xxx	predictive	Hög
12	File	xxxxxxxx.xxx	predictive	Medium
13	File	xxxxxxx.xxx	predictive	Medium
14	File	xxx_xxxxxx.x	predictive	Medium
15	File	xxx_xxxxxx.xx	predictive	Hög
16	Library	xxx/xxx/xxx/xxxxxx/xxxxx/xxxxxxxxx.xxxxx.xxx	predictive	Hög
17	Argument	xxxxxxxx	predictive	Medium
18	Argument	xxxxxx	predictive	Låg
19	Argument	xxxxxxxx	predictive	Medium
20	Argument	xx	predictive	Låg
21	Argument	xxxxxxxx[xx]	predictive	Medium
22	Argument	xxxxxxxxxx	predictive	Medium
23	Argument	xxx	predictive	Låg
24	Input Value	x:\xxxxx\xxxx\xxx\xxx\xxxxxxxxxx.xxx	predictive	Hög
25	Input Value	xxxxxxx -xxx	predictive	Medium

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!