Cape Verde Unknown 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (32)

语言

en	22
pt	10

国家/地区

pt	24
cv	6
br	2

演员

Unknown	1

利益

类型

Content Management System	8
Not Defined	8
Windowing System Software	2
Bug Tracking Software	2
Web Server	2

供应商

Not Defined	16
Mobatek	2
Oracle	2
GitLab	2
Apache	2

产品

Wiki.js	4
Mobatek MobaXterm	2
WordPress	2
Oracle Blockchain Platform	2
GitLab Community Edition	2

漏洞

#	漏洞	Base	Temp	0day	今天	易	修正	EPSS	CTI	CVE
1	Redhat Nagios XI Core nagios.upgrade_to_v3.sh 权限升级	6.8	6.8	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00042	0.00	CVE-2013-2029
2	Fortinet FortiOS Restore Command 权限升级	3.8	3.7	$0-$5k	$0-$5k	High	Official Fix	0.00146	0.05	CVE-2021-44168
3	OpenSSH ssh-add Privilege Escalation	7.6	7.5	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00106	0.04	CVE-2023-28531
4	Wiki.js Storage Module 目录遍历	6.4	6.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00126	0.04	CVE-2021-43800
5	Wiki.js SVG File 跨网站脚本	4.4	4.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00053	0.00	CVE-2021-25993
6	lighttpd mod_extforward Plugin mod_extforward_Forwarded 内存损坏	6.3	6.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.02251	0.02	CVE-2022-22707
7	Simple College Website file_put_contents 权限升级	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00295	0.00	CVE-2022-40087
8	CMSUno central.php file_put_contents 权限升级	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00581	0.03	CVE-2021-40889
9	Xiaomi Redmi Note 9T/Redmi Note 11 write 内存损坏	5.7	5.7	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00089	0.04	CVE-2020-14125
10	WSO2 API Manager/IS as Key Manager/Identity Server File Based Service Provider Creation XML External Entity	5.5	5.3	$0-$5k	$0-$5k	Not Defined	Official Fix	0.02123	0.07	CVE-2021-42646
11	Zoho ManageEngine ManageEngine OpManager getmailserversettings SQL注入	6.4	6.4	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00323	0.00	CVE-2017-11559
12	Yoast SEO Plugin REST Endpoint posts 信息公开	3.5	3.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00123	0.04	CVE-2021-25118
13	WordPress wp_die 信息公开	4.5	4.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00093	0.04	CVE-2021-39200
14	WordPress SQL注入	6.8	6.7	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00467	0.08	CVE-2022-21664
15	pac-resolver PAC File Remote Code Execution	5.6	5.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00393	0.05	CVE-2021-23406
16	Oracle Blockchain Platform BCS Console 权限升级	7.3	7.1	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00331	0.00	CVE-2019-10086
17	GitLab Community Edition/Enterprise Edition OmniAuth 弱身份验证	8.2	8.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.24455	0.02	CVE-2022-1162
18	Fortinet FortiOS TFTP Client 内存损坏	7.0	6.8	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00042	0.03	CVE-2021-42757
19	Apache Directory Studio SASL Authentication 弱加密	3.1	3.1	$0-$5k	$5k-$25k	Not Defined	Not Defined	0.00055	0.00	CVE-2021-33900
20	JIRA picker Username 权限升级	5.3	5.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00379	0.05	CVE-2019-3403

IOC - Indicator of Compromise (19)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP地址	参与者	Identified	类型	可信度
1	38.44.64.0	Cape Verde Unknown	2023-04-28	verified	高
2	41.74.128.0	Cape Verde Unknown	2023-04-28	verified	高
3	41.79.124.0	Cape Verde Unknown	2023-04-28	verified	高
4	41.215.208.0	Cape Verde Unknown	2023-04-28	verified	高
5	XX.XXX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
6	XX.XX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
7	XXX.XX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
8	XXX.XXX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
9	XXX.XXX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
10	XXX.XXX.XX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
11	XXX.XXX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
12	XXX.XXX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
13	XXX.XX.XX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
14	XXX.XXX.XX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
15	XXX.X.X.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
16	XXX.XX.XX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
17	XXX.XX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
18	XXX.XXX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高
19	XXX.XXX.XXX.X	Xxxx Xxxxx Xxxxxxx	2023-04-28	verified	高

TTP - Tactics, Techniques, Procedures (11)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	分类	漏洞	访问向量	类型	可信度
1	T1006	CAPEC-126	CWE-22	Path Traversal	predictive	高
2	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	高
3	T1059.007	CAPEC-209	CWE-79	Cross Site Scripting	predictive	高
4	TXXXX	CAPEC-19	CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	高
5	TXXXX.XXX	CAPEC-	CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	高
6	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	高
7	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxx Xxxxxxxxxxxxx	predictive	高
8	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	高
9	TXXXX	CAPEC-157	CWE-XXX	Xxxxxxxxxxxxx Xxxxxx	predictive	高
10	TXXXX.XXX	CAPEC-	CWE-XXX	Xxx Xxxxxxxxxx Xxxxx	predictive	高
11	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	高

IOA - Indicator of Attack (12)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	分类	Indicator	类型	可信度
1	File	.htaccess	predictive	中
2	File	/api/json/admin/getmailserversettings	predictive	高
3	File	/xxxx/xxx/x/xxxx/xxxxxx	predictive	高
4	File	xxxxxx.xxxxxxx_xx_xx.xx	predictive	高
5	File	xxxx/xxxxx	predictive	中
6	File	xx/xx/xxxxx	predictive	中
7	File	{xxxxxxx}/xxx/xxxxxxx.xxx	predictive	高
8	Argument	xxxxxx	predictive	低
9	Argument	xxxx	predictive	低
10	Argument	xxxxxx	predictive	低
11	Pattern	\|xx xx xx xx\|	predictive	高
12	Network Port	xxx/xx (xxxxxx)	predictive	高

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 上一步一览下一步 ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!