PcShare Analys

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (26)

Tidslinje

Lang

en22
zh2
de2

Land

us22
cn4

Skådespelare

PcShare2
Razy1
SystemBC1
Imperial Kitten1
Cobalt Strike1

Aktiviteter

Intressera

Tidslinje

Typ

Not Defined8
Solution Stack Software6
Content Management System4
Knowledge Base Software2
WordPress Plugin2

Säljare

SAP10
Not Defined8
MGB2
Xunrui2

Produkt

SAP NetWeaver AS JAVA4
MGB OpenSource Guestbook2
WordPress2
TinyMCE2
Swagger-UI2

Sårbarheter

#SårbarhetBaseTemp0dayI dagUtnRemEPSSCTICVE
1SAP NetWeaver AS JAVA Visual Composer com.sap.visualcomposer.BIKit.default XML External Entity7.57.5$5k-$25k$5k-$25kNot DefinedNot Defined0.001830.00CVE-2017-8913
2SAP NetWeaver Visual Composer privilegier eskalering9.39.1$5k-$25k$0-$5kNot DefinedOfficial Fix0.965070.02CVE-2021-38163
3Xunrui CMS main.html informationsgivning4.33.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000960.10CVE-2023-1680
4Victor CMS login.php sql injektion6.36.1$0-$5k$0-$5kNot DefinedNot Defined0.001620.00CVE-2022-28060
5LimeSurvey LDAP Authentication Brute Force informationsgivning4.54.4$0-$5k$0-$5kNot DefinedOfficial Fix0.001550.02CVE-2019-16180
6GNU Mailman Pipermail informationsgivning4.04.0$0-$5k$0-$5kNot DefinedNot Defined0.000420.02CVE-2002-0389
7OceanWP Plugin privilegier eskalering5.55.3$0-$5k$0-$5kNot DefinedNot Defined0.000000.05CVE-2023-23700
8Varnish Cache privilegier eskalering7.47.2$0-$5k$0-$5kNot DefinedOfficial Fix0.001250.03CVE-2022-45059
9Swagger-UI Key Name cross site scripting5.25.1$0-$5k$0-$5kNot DefinedOfficial Fix0.002430.04CVE-2016-1000229
10akismet Plugin cross site scripting5.25.1$0-$5k$0-$5kNot DefinedOfficial Fix0.000780.03CVE-2015-9357
11TinyMCE Classic Editing Mode cross site scripting5.75.7$0-$5k$0-$5kNot DefinedNot Defined0.001150.00CVE-2020-12648
12WordPress REST API class-wp-rest-users-controller.php informationsgivning5.35.1$5k-$25k$0-$5kFunctionalOfficial Fix0.874100.03CVE-2017-5487
13SAP Solman caf~eu~gp~example~timeoff~wd informationsgivning6.46.4$5k-$25k$5k-$25kNot DefinedNot Defined0.007870.00CVE-2016-10005
14SAP NetWeaver XML External Entity8.17.7$5k-$25k$0-$5kProof-of-ConceptOfficial Fix0.007680.00CVE-2015-7241
15SAP Knowledge Warehouse KW cross site scripting3.53.4$0-$5k$0-$5kNot DefinedOfficial Fix0.004250.03CVE-2021-42063
16SAP NetWeaver AS JAVA Query String UIUtilJavaScriptJS kataloggenomgång7.06.8$5k-$25k$0-$5kHighWorkaround0.007150.03CVE-2017-12637
17Apache HTTP Server Path Normalization kataloggenomgång7.37.0$5k-$25k$0-$5kHighOfficial Fix0.974620.00CVE-2021-41773
18Castle Rock SNMPc Online info.php4 informationsgivning6.46.1$0-$5k$0-$5kNot DefinedOfficial Fix0.016400.00CVE-2020-11554
19Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash informationsgivning5.35.2$5k-$25k$0-$5kHighWorkaround0.020160.02CVE-2007-1192
20MGB OpenSource Guestbook email.php sql injektion7.37.3$0-$5k$0-$5kHighUnavailable0.013021.57CVE-2007-0354

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP-adressHostnameSkådespelareKampanjerIdentifiedTypFörtroende
145.32.181.4845.32.181.48.vultr.comPcShare04/03/2022verifiedMedium
2XXX.X.XXX.XXXXxxxxxx04/03/2022verifiedHög

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueKlassSårbarheterÅtkomstvektorTypFörtroende
1CAPEC-13CWE-73, CWE-444, CWE-610, CWE-611Unknown VulnerabilitypredictiveHög
2T1006CAPEC-126CWE-22Path TraversalpredictiveHög
3TXXXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxxxxxxx XxxxxxxxxpredictiveHög
4TXXXX.XXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxxxx Xxxx XxxxxxxxxpredictiveHög
5TXXXXCAPEC-10CWE-XX, CWE-XX, CWE-XXXXxx XxxxxxxxxpredictiveHög
6TXXXXCAPEC-116CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHög
7TXXXX.XXXCAPEC-19CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHög

IOA - Indicator of Attack (11)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDKlassIndicatorTypFörtroende
1File/dayrui/My/View/main.htmlpredictiveHög
2File/includes/login.phppredictiveHög
3Filexxxx/xxxxxxxxxxxxxxx.xxxpredictiveHög
4Filexxxxx.xxxpredictiveMedium
5Filexxxx.xxxxpredictiveMedium
6Filexxx/xxxxxxx/xxx/xxxxxx/xxxxxxx/xxx.xxx.xxxxxxxxxxxxxx.xxxxx.xxxxxxxpredictiveHög
7Filexxxxxxxxx/xx/xx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxpredictiveHög
8Filexxxxxxxxx/xxxxxxxxxx/xxx.xxx/xxx~xx~xx~xxxxxxx~xxxxxxx~xxpredictiveHög
9Filexx-xxxxxxxx/xxxx-xxx/xxxxxxxxx/xxxxx-xx-xxxx-xxxxx-xxxxxxxxxx.xxxpredictiveHög
10ArgumentxxpredictiveLåg
11Argumentxxxx_xxxxpredictiveMedium

Referenser (2)

The following list contains external sources which discuss the actor and the associated activities:

TidigareÖversiktNästa

Do you want to use VulDB in your project?

Use the official API to access entries easily!