GoGoogle Analysis

IOB - Indicator of Behavior (16)


Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploitability | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | WordPress Post press-this.php privilege escalation | 5.5 | 5.3 | $5k-$25k | $0-$5k | Not Defined | Official Fix | 0.00054 | 0.03 | CVE-2011-1762 |
| 2 | Elementor Website Builder Plugin AJAX Action module.php privilege escalation | 7.5 | 7.4 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.96197 | 0.02 | CVE-2022-1329 |
| 3 | Crocoblock JetEngine Form Data privilege escalation | 5.5 | 5.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00201 | 0.00 | CVE-2021-41844 |
| 4 | Crocoblock JetEngine Custom Forms cross site scripting | 3.5 | 3.4 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00066 | 0.00 | CVE-2021-38607 |
| 5 | WPBakery XSS Protection Mechanism kses_remove_filters privilege escalation | 5.9 | 5.6 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00058 | 0.02 | CVE-2020-28650 |
| 6 | Yoast SEO Plugin Term Description privilege escalation | 9.0 | 8.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00244 | 0.02 | CVE-2019-13478 |
| 7 | Rocket.Chat Server NoSQL sql injection | 8.5 | 8.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00369 | 0.04 | CVE-2017-1000493 |
| 8 | vBulletin moderation.php sql injection | 7.3 | 7.0 | $0-$5k | $0-$5k | High | Official Fix | 0.00284 | 0.01 | CVE-2016-6195 |
| 9 | PRTG Network Monitor addusers privilege escalation | 7.5 | 7.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00093 | 0.00 | CVE-2018-19411 |
| 10 | PRTG Network Monitor login.htm privilege escalation | 8.5 | 8.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00288 | 0.04 | CVE-2018-19410 |
| 11 | Samba smbd _netr_ServerPasswordSet unknown vulnerability | 6.5 | 5.7 | $0-$5k | $0-$5k | High | Official Fix | 0.97400 | 0.00 | CVE-2015-0240 |
| 12 | OpenSSH Authentication Username information disclosure | 5.3 | 4.8 | $5k-$25k | $0-$5k | High | Official Fix | 0.10737 | 0.18 | CVE-2016-6210 |
| 13 | QNAP Music Station privilege escalation | 8.5 | 8.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00274 | 0.00 | CVE-2017-13069 |
| 14 | QNAP NAS cgi.cgi memory corruption | 5.9 | 5.4 | $0-$5k | $0-$5k | Proof-of-Concept | Unavailable | 0.00000 | 0.05 | |
| 15 | Download Manager Redirect | 6.2 | 5.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00233 | 0.00 | CVE-2017-2217 |
| 16 | GLPI information disclosure | 5.3 | 5.1 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00703 | 0.00 | CVE-2011-2720 |

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

| ID | IP address | Hostname | Actor | Campaigns | Identified | Type | Confidence |
|---|---|---|---|---|---|---|---|
| 1 | 93.174.95.73 | | GoGoogle | | 2022-04-26 | | verified |

TTP - Tactics, Techniques, Procedures (7)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

| ID | Technique | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|
| 1 | T1059.007 | CWE-79 Cross Site Scripting | | predictive | |
| 2 | T1068 | CWE-264, CWE-284 Execution with Unnecessary Privileges | | predictive | |
| 3 | TXXXX | CWE-XXX Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx | | predictive | |
| 4 | TXXXX.XXX | CWE-XXX Xxxxx Xxxxxxxx | | predictive | |
| 5 | TXXXX | CWE-XXX Xxx Xxxxxxxxx | | predictive | |
| 6 | TXXXX | CWE-XXX Xxxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | | predictive | |
| 7 | TXXXX.XXX | CWE-XXX Xxxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx | | predictive | |

IOA - Indicator of Attack (8)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | /api/addusers | predictive | |
| 2 | File | /home/httpd/cgi-bin/cgi.cgi | predictive | |
| 3 | File | /xxxxxx/xxxxx.xxx | predictive | |
| 4 | File | xxxxxxxxxxx/xxxxxxxx/xxxxxxxxxx.xxx | predictive | |
| 5 | File | xx-xxxxx/xxxxx-xxxx.xxx | predictive | |
| 6 | File | ~/xxxx/xxx/xxxxxxx/xxxxxxxxxx/xxxxxx.xxx | predictive | |
| 7 | Argument | xxxxxxxx | predictive | |
| 8 | Argument | xxxxxxx | predictive | |

References (2)

The following list contains external sources which discuss the actor and the associated activities:
