Eye on the Nile Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (46)

Lang

en	46

Land

ru	26
us	20

Skådespelare

Stealth Soldier	1
Eye on the Nile	1
SystemBC	1

Intressera

Typ

Not Defined	10
Operating System	8
Router Operating System	4
Database Administration Software	2
Smartphone Operating System	2

Säljare

Not Defined	10
Linux	6
Apple	2
TP-LINK	2
Samsung	2

Produkt

Linux Kernel	6
OpenBB	2
Pixelpost	2
PHPWind	2
Apple macOS	2

Sårbarheter

#	Sårbarhet	Base	Temp	0day	I dag	Utn	Rem	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash informationsgivning	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
2	JForum Login privilegier eskalering	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00151	0.06	CVE-2012-5338
3	Linux Kernel UDP Packet udp.c privilegier eskalering	8.5	8.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.04837	0.03	CVE-2016-10229
4	Linux Kernel minneskorruption	10.0	9.0	$25k-$100k	$0-$5k	Proof-of-Concept	Official Fix	0.07416	0.00	CVE-2008-1673
5	vBulletin redirector.php Redirect	6.6	6.6	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00122	0.07	CVE-2018-6200
6	Linux Kernel nf_conntrack_h323_asn1.c decode_choice förnekande av tjänsten	7.5	6.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.08412	0.00	CVE-2007-3642
7	Netgear GC108P NSDP Packet sccd svag autentisering	6.7	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00073	0.00	CVE-2021-40866
8	Google Android xt_qtaguid.c qtaguid_untag minneskorruption	6.5	6.3	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00042	0.04	CVE-2021-0399
9	TP-LINK Archer C3150v2 dhcp.htm setDefaultHostname cross site scripting	5.2	5.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00536	0.03	CVE-2021-3275
10	Google Android ADSPRPC Heap Manager minneskorruption	8.5	8.2	$25k-$100k	$5k-$25k	Not Defined	Official Fix	0.00119	0.05	CVE-2018-3586
11	Apple macOS WebKit privilegier eskalering	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00230	0.00	CVE-2021-1801
12	Linux Kernel ptrace.c privilegier eskalering	7.8	7.6	$5k-$25k	$0-$5k	High	Official Fix	0.00052	0.00	CVE-2019-13272
13	Samsung Mobile Devices SEAndroid Protection Mechanism privilegier eskalering	7.4	7.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00066	0.00	CVE-2020-13829
14	My Link Trader out.php sql injektion	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00000	0.48
15	PHP phpinfo cross site scripting	6.3	5.7	$5k-$25k	$0-$5k	Proof-of-Concept	Official Fix	0.08985	0.04	CVE-2006-0996
16	phpMyAdmin phpinfo.php informationsgivning	5.3	5.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00142	0.10	CVE-2016-9848
17	PHPWind goto.php Redirect	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00348	0.10	CVE-2015-4134
18	MGB OpenSource Guestbook email.php sql injektion	7.3	7.3	$0-$5k	$0-$5k	High	Unavailable	0.01302	1.68	CVE-2007-0354
19	Google Chrome TransportDIB SkBitmap Pixel Data render_widget_snapshot_taker.cc WidgetDidReceivePaintAtSizeAck privilegier eskalering	6.5	6.2	$100k och mer	$0-$5k	Not Defined	Official Fix	0.00622	0.00	CVE-2013-2836
20	Pixelpost förfalskning på begäran över webbplatsen	7.0	6.4	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.01098	0.02	CVE-2010-3305

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP-adress	Hostname	Skådespelare	Kampanjer	Identified	Typ	Förtroende
1	185.125.230.116	revdns.dns.com	Eye on the Nile		16/06/2023	verified	Hög

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Klass	Sårbarheter	Åtkomstvektor	Typ	Förtroende
1		CAPEC-10	CWE-20, CWE-119, CWE-189, CWE-190, CWE-287, CWE-352, CWE-416, CWE-862, CWE-863	Unknown Vulnerability	predictive	Hög
2	T1059	CAPEC-10	CWE-74, CWE-94, CWE-707	Argument Injection	predictive	Hög
3	TXXXX.XXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XXX	Xxxxx Xxxx Xxxxxxxxx	predictive	Hög
4	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	Hög
5	TXXXX.XXX	CAPEC-178	CWE-XXX	Xxxx Xxxxxxxx	predictive	Hög
6	TXXXX	CAPEC-0	CWE-XXX	7xx Xxxxxxxx Xxxxxxxx	predictive	Hög
7	TXXXX	CAPEC-10	CWE-XX, CWE-XX, CWE-XXX	Xxx Xxxxxxxxx	predictive	Hög
8	TXXXX	CAPEC-116	CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	Hög

IOA - Indicator of Attack (25)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Klass	Indicator	Typ	Förtroende
1	File	/forum/away.php	predictive	Hög
2	File	/out.php	predictive	Medium
3	File	/sqfs/bin/sccd	predictive	Hög
4	File	admin/index.php	predictive	Hög
5	File	xxxxxxx/xxxxxxxxxx/xxxxxx_xxxxxx_xxxxxxxx_xxxxx.xx	predictive	Hög
6	File	xxxx/xxxxxxxxxxxxxxx.xxx	predictive	Hög
7	File	xxxx.xxx	predictive	Medium
8	File	xxxxx.xxx	predictive	Medium
9	File	xxxx.xxx	predictive	Medium
10	File	xxx/xxxxxx.xxx	predictive	Hög
11	File	xxxxxx/xxxxxx.x	predictive	Hög
12	File	xxx/xxxxxxxxx/xx_xxxxxxxxx_xxxx_xxxx.x	predictive	Hög
13	File	xxxxxxx.xxx	predictive	Medium
14	File	xxxx.xxx	predictive	Medium
15	File	xxxxxxxxxx.xxx	predictive	Hög
16	File	xxx.x	predictive	Låg
17	File	xx_xxxxxxx.x	predictive	Medium
18	Argument	xxxxxxxx	predictive	Medium
19	Argument	xx	predictive	Låg
20	Argument	xxxxxxxx	predictive	Medium
21	Argument	xxxxxxxxxx	predictive	Medium
22	Argument	xxxxxx_xx	predictive	Medium
23	Argument	xxx	predictive	Låg
24	Argument	xxx	predictive	Låg
25	Network Port	xxx	predictive	Låg

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ TidigareÖversiktNästa ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!