Shlayer Analysis

IOB - Indicator of Behavior (19)

Language

en (18)
fr (2)

Product

Neato Botvac Connected (2)
Neato Botvac 85 (2)
Cisco Unified Communications Manager (2)
Cisco Unified Communications Manager Session Manag ... (2)
Cisco Unified Communications Manager IM & Presence ... (2)

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exp | Rem | CTI | EPSS | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | LogicBoard CMS away.php Redirect | 6.3 | 6.1 | $0-$5k | $0-$5k | Not Defined | Unavailable | 4.07 | 0.00000 | |
| 2 | lighttpd mod_evhost/mod_simple_vhost directory traversal | 5.3 | 4.6 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00 | 0.14448 | CVE-2013-2324 |
| 3 | Samsung DSP Driver ELF Library privilege escalation | 6.4 | 6.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.02 | 0.00078 | CVE-2021-25371 |
| 4 | Seowon Intech SLC-130/SLR-120S system_log.cgi privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.96263 | CVE-2020-17456 |
| 5 | Cisco Unified Communications Manager Database User Privilege information disclosure | 5.8 | 5.7 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00093 | CVE-2022-20791 |
| 6 | Neato Botvac Connected USB Serial Port privilege escalation | 4.9 | 4.9 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.02 | 0.00109 | CVE-2018-20785 |
| 7 | Neato Botvac Connected/Botvac 85 Black Box Log rc4_crypt RC4 weak encryption | 3.4 | 3.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00060 | CVE-2018-17177 |
| 8 | Facebook WhatsApp/WhatsApp Business/WhatsApp Desktop RTCP Flag Parser information disclosure | 6.3 | 6.3 | $5k-$25k | $5k-$25k | Not Defined | Not Defined | 0.02 | 0.00138 | CVE-2021-24043 |
| 9 | Qualcomm Snapdragon Wired Infrastructure and Networking TrustZone BSP memory corruption | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00044 | CVE-2020-11259 |
| 10 | Qualcomm Snapdragon Wired Infrastructure and Networking TrustZone BSP memory corruption | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00044 | CVE-2020-11258 |
| 11 | Python Software Foundation BaseHTTPServer HTTP Request denial of service | 7.5 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Workaround | 0.02 | 0.00000 | |
| 12 | Dell SupportAssist Client privilege escalation | 7.1 | 7.0 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00 | 0.00248 | CVE-2019-3719 |
| 13 | Acunetix Web Vulnerability Scanner denial of service | 3.7 | 3.5 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.02 | 0.00000 | |
| 14 | Plohni Advanced Comment System Installation index.php privilege escalation | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.04 | 0.00997 | CVE-2009-4623 |
| 15 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.00 | 0.10737 | CVE-2016-6210 |
| 16 | Forescout CounterACT privilege escalation | 5.3 | 5.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00452 | CVE-2012-4985 |
| 17 | ForeScout CounterACT cross site scripting | 4.3 | 4.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00 | 0.00195 | CVE-2012-1825 |
| 18 | Apache HTTP Server Limit Directive ap_limit_section memory corruption | 6.4 | 6.3 | $5k-$25k | $0-$5k | High | Official Fix | 0.03 | 0.97305 | CVE-2017-9798 |
| 19 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | $0-$5k | High | Workaround | 0.02 | 0.02016 | CVE-2007-1192 |

IOC - Indicator of Compromise (2)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

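| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 34.225.46.51 | ec2-34-225-46-51.compute-1.amazonaws.com | Shlayer | | 28/08/2022 | verified | Medium |
| 2 | XX.XX.XX.XX | | Xxxxxxx | | 28/08/2022 | verified | High |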

TTP - Tactics, Techniques, Procedures (8)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerabilities | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1006 | CWE-22, CWE-36 | Path Traversal | predictive | High |
| 2 | T1059 | CWE-94 | Argument Injection | predictive | High |
| 3 | TXXXX.XXX | CWE-XX | Xxxxx Xxxx Xxxxxxxxx | predictive | High |
| 4 | TXXXX | CWE-XXX | Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx | predictive | High |
| 5 | TXXXX.XXX | CWE-XXX | Xxxx Xxxxxxxx | predictive | High |
| 6 | TXXXX.XXX | CWE-XXX | Xxxxxxxx | predictive | High |
| 7 | TXXXX | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | High |
| 8 | TXXXX | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | High |

IOA - Indicator of Attack (14)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

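| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /bin/rc4_crypt | predictive | High |
| 2 | File | /forum/away.php | predictive | High |
| 3 | File | xxxx/xxxxxxxxxxxxxxx.xxx | predictive | High |
| 4 | File | xxxxx.xxx | predictive | Medium |
| 5 | File | xxxxxx_xxx.xxx | predictive | High |
| 6 | Argument | xxx_xxxx | predictive | Medium |
| 7 | Argument | xxxxxxxx | predictive | Medium |
| 8 | Argument | xxxxxx | predictive | Low |
| 9 | Argument | xxxxxxxx | predictive | Medium |
| 10 | Argument | xxxxxxx | predictive | Low |
| 11 | Argument | xxxxxxxx | predictive | Medium |
| 12 | Input Value | *^xxxxx!x | predictive | Medium |
| 13 | Input Value | ../ | predictive | Low |
| 14 | Network Port | xxx xxxxxx xxxx | predictive | High |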

References (3)

The following list contains external sources which discuss the actor and the associated activities:
