UTA0178 Analysis

IOB - Indicator of Behavior (19)

Language

en: 18
jp: 2

Country/Region

us: 16
it: 2
gb: 2

Product

Coolpad Defiant: 2
T-Mobile Revvl Plus: 2
Thomas R. Pasawicz HyperBook Guestbook: 2
SourceCodester Online Admission System: 2
SSH: 2

Vulnerabilities

| # | Vulnerability | Base | Temp | 0day | Today | Exploit | Remediation | EPSS | CTI | CVE |
|---|---|---|---|---|---|---|---|---|---|---|
| 1 | Thomas R. Pasawicz HyperBook Guestbook Password Database gbconfiguration.dat Hash information disclosure | 5.3 | 5.2 | $5k-$25k | Calculating | High | Workaround | 0.02016 | 0.00 | CVE-2007-1192 |
| 2 | Apple iOS WebKit memory corruption | 6.4 | 6.1 | $100k and more | $5k-$25k | Not Defined | Official Fix | 0.00601 | 0.03 | CVE-2018-4273 |
| 3 | SourceCodester Online Admission System index.php cross-site scripting | 4.4 | 4.3 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00138 | 0.04 | CVE-2022-2646 |
| 4 | Boa Webserver GET wapopen directory traversal | 6.4 | 6.0 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.73540 | 0.04 | CVE-2017-9833 |
| 5 | Apache HTTP Server mod_proxy_uwsgi memory corruption | 8.5 | 8.5 | $25k-$100k | $5k-$25k | Not Defined | Not Defined | 0.01526 | 0.04 | CVE-2020-11984 |
| 6 | Metalinks MetaCart e-Shop product.asp SQL injection | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00210 | 0.00 | CVE-2005-1361 |
| 7 | WarHound WarHound General Shopping Cart item.asp SQL injection | 7.3 | 6.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00463 | 0.00 | CVE-2006-6206 |
| 8 | AWStats Config awstats.pl cross-site scripting | 4.3 | 4.1 | $5k-$25k | $0-$5k | Proof-of-Concept | Official Fix | 0.00587 | 0.21 | CVE-2006-3681 |
| 9 | SSH RC4 Encryption weak encryption | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00552 | 0.00 | CVE-2001-1475 |
| 10 | Apache Kafka Broker Data Loss information disclosure | 4.8 | 4.8 | $5k-$25k | $0-$5k | Not Defined | Not Defined | 0.00104 | 0.05 | CVE-2018-1288 |
| 11 | PHPWind goto.php Redirect | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00348 | 0.37 | CVE-2015-4134 |
| 12 | Coolpad Defiant/T-Mobile Revvl Plus Factory Reset privilege escalation | 7.3 | 7.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00124 | 0.00 | CVE-2018-15003 |
| 13 | Oracle WebLogic Server jQuery XML External Entity | 9.1 | 9.0 | $25k-$100k | $5k-$25k | Not Defined | Official Fix | 0.00531 | 0.03 | CVE-2015-1832 |
| 14 | Mantis bug_api.php privilege escalation | 7.3 | 7.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00757 | 0.00 | CVE-2004-1734 |

IOC - Indicator of Compromise (13)

These indicators of compromise highlight associated network resources which are known to be part of research and attack activities.

TTP - Tactics, Techniques, Procedures (6)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

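| ID | Technique | Class | Vulnerability | Access Vector | Type | Confidence |
|---|---|---|---|---|---|---|
| 1 | T1006 | CAPEC-126 | CWE-22 | Path Traversal | predictive | |
| 2 | T1059.007 | CAPEC-209 | CWE-79, CWE-80 | Cross Site Scripting | predictive | |
| 3 | TXXXX.XXX | CAPEC-178 | CWE-XXX | Xxxx Xxxxxxxx | predictive | |
| 4 | TXXXX | CAPEC-108 | CWE-XX | Xxx Xxxxxxxxx | predictive | |
| 5 | TXXXX | CAPEC-116 | CWE-XXX | Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx | predictive | |
| 6 | TXXXX | CAPEC-157 | CWE-XXX | Xxxxxxxxxxxxx Xxxxxx | predictive | |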

IOA - Indicator of Attack (17)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

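| ID | Class | Indicator | Type | Confidence |
|---|---|---|---|---|
| 1 | File | `/cgi-bin/wapopen` | predictive | |
| 2 | File | `awstats.pl` | predictive | |
| 3 | File | `bug_api.php` | predictive | |
| 4 | File | `xxxx/xxxxxxxxxxxxxxx.xxx` | predictive | |
| 5 | File | `xxxx.xxx` | predictive | |
| 6 | File | `xxxxx.xxx` | predictive | |
| 7 | File | `xxxx.xxx` | predictive | |
| 8 | File | `xxxxxxx.xxx` | predictive | |
| 9 | Argument | `xxxxxx` | predictive | |
| 10 | Argument | `xxx` | predictive | |
| 11 | Argument | `xxxxxxxxxx` | predictive | |
| 12 | Argument | `xxxxxx` | predictive | |
| 13 | Argument | `xxxxxxxxxx_xxxx` | predictive | |
| 14 | Argument | `x_xxxx_xxx` | predictive | |
| 15 | Argument | `xxx` | predictive | |
| 16 | Input Value | `../..` | predictive | |
| 17 | Input Value | `x</xx><xxxxxx>xxxxx(x)</xxxxxx>` | predictive | |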

References (2)

The following list contains external sources which discuss the actor and the associated activities:
