URLZone 分析

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (16)

语言

en	10
fr	4
de	2

国家/地区

us	10
fr	4

演员

URLZone	2

利益

类型

Not Defined	6
Router Operating System	2
Database Software	2

供应商

TP-LINK	2
Oracle	2
Huawei	2
Thomas R. Pasawicz	2
DZCP	2

产品

TP-LINK TL-WR740N	2
Oracle MySQL Server	2
Huawei HarmonyOS	2
Thomas R. Pasawicz HyperBook Guestbook	2
DZCP deV!L`z Clanportal	2

漏洞

#	漏洞	Base	Temp	0day	今天	易	修正	EPSS	CTI	CVE
1	Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash 信息公开	5.3	5.2	$5k-$25k	$0-$5k	High	Workaround	0.02016	0.02	CVE-2007-1192
2	JForum Login 权限升级	6.5	6.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00151	0.06	CVE-2012-5338
3	Huawei HarmonyOS rphone Module 权限升级	6.6	6.6	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00043	0.00	CVE-2022-41576
4	Huawei HarmonyOS HwAirlink Module 信息公开	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00145	0.00	CVE-2022-38981
5	GNU wget HTTP Header 信息公开	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00084	0.02	CVE-2021-31879
6	Server NFS Export 权限升级	9.8	9.6	$0-$5k	$0-$5k	High	Workaround	0.01500	0.05	CVE-1999-0554
7	Oracle MySQL Server 未知漏洞	5.4	5.2	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00507	0.00	CVE-2012-0113
8	DZCP deV!L`z Clanportal browser.php 信息公开	5.3	5.0	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.02733	0.35	CVE-2007-1167
9	TP-LINK TL-WR740N HTTP Server 拒绝服务	6.5	6.2	$0-$5k	$0-$5k	Proof-of-Concept	Unavailable	0.00000	0.02
10	ThinkPHP index.php SQL注入	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00173	0.02	CVE-2018-10225

IOC - Indicator of Compromise (5)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP地址	Hostname	参与者	Identified	类型	可信度
1	35.188.197.118	118.197.188.35.bc.googleusercontent.com	URLZone	2022-03-10	verified	中
2	XX.XX.XX.XXX		Xxxxxxx	2022-03-10	verified	高
3	XX.XX.XXX.XXX		Xxxxxxx	2022-03-10	verified	高
4	XX.XX.XX.XXX		Xxxxxxx	2022-03-10	verified	高
5	XXX.XXX.XX.XXX		Xxxxxxx	2022-03-10	verified	高

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	漏洞	访问向量	类型	可信度
1	T1068	CWE-269	Execution with Unnecessary Privileges	predictive	高
2	TXXXX	CWE-XX	Xxx Xxxxxxxxx	predictive	高
3	TXXXX	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	高

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	分类	Indicator	类型	可信度
1	File	data/gbconfiguration.dat	predictive	高
2	File	inc/filebrowser/browser.php	predictive	高
3	File	xxxxx.xxx	predictive	中
4	Argument	xxxxxxxxxxxxx	predictive	高
5	Argument	xxxx	predictive	低
6	Argument	xxxxxxxxxx	predictive	中

参考 (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ 上一步一览下一步 ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!