Sector: Lawfirm

Timeframe: -28 days

Default Categories (75): Access Management Software, Accounting Software, Anti-Malware Software, Anti-Spam Software, Application Server Software, Appointment Software, Artificial Intelligence Software, Asset Management Software, Backup Software, Billing Software, Business Process Management Software, Calendar Software, Chat Software, Cloud Software, Communications System, Connectivity Software, Content Management System, Customer Relationship Management System, Database Administration Software, Database Software, Digital Media Player, Directory Service Software, Document Management Software, Document Processing Software, Document Reader Software, Endpoint Management Software, Enterprise Resource Planning Software, File Compression Software, File Transfer Software, Firewall Software, Groupware Software, Hardware Driver Software, Human Capital Management Software, Image Processing Software, Information Management Software, IP Phone Software, Knowledge Base Software, Log Management Software, Mail Client Software, Mail Server Software, Messaging Software, Middleware, Multimedia Player Software, Multimedia Processing Software, Network Attached Storage Software, Network Authentication Software, Network Encryption Software, Network Management Software, Network Routing Software, Office Suite Software, Operating System, Photo Gallery Software, Policy Management Software, Presentation Software, Printing Software, Project Management Software, Remote Access Software, Reporting Software, Risk Management System, Router Operating System, Server Management Software, Service Management Software, Smartphone Operating System, Software Management Software, Solution Stack Software, Spreadsheet Software, SSH Server Software, Tablet Operating System, Ticket Tracking Software, Unified Communication Software, Virtualization Software, Web Browser, Web Server, Wireless LAN Software, Word Processing Software

Timeline

Vendor

Product

Linux Kernel 244
Microsoft Windows 102
Foxit PDF Reader 52
Juniper Junos OS 28
Google Android 26

Fix

Official Fix 756
Temporary Fix 0
Workaround 4
Unavailable 0
Not Defined 188

Exploitability

High 6
Functional 2
Proof-of-Concept 56
Unproven 122
Not Defined 762

Access Vector

Not Defined 0
Physical 14
Local 142
Adjacent 300
Network 492

Authentication

Not Defined 0
High 86
Low 510
None 352

User Interaction

Not Defined 0
Required 266
None 682

C3BM Index

CVSSv3 Base

≤1 0
≤2 0
≤3 12
≤4 96
≤5 220
≤6 262
≤7 182
≤8 116
≤9 52
≤10 8

CVSSv3 Temp

≤1 0
≤2 0
≤3 12
≤4 130
≤5 190
≤6 374
≤7 126
≤8 96
≤9 12
≤10 8

VulDB

≤1 0
≤2 0
≤3 30
≤4 138
≤5 180
≤6 256
≤7 172
≤8 126
≤9 38
≤10 8

NVD

≤1 948
≤2 0
≤3 0
≤4 0
≤5 0
≤6 0
≤7 0
≤8 0
≤9 0
≤10 0

CNA

≤1 692
≤2 0
≤3 2
≤4 4
≤5 30
≤6 76
≤7 32
≤8 70
≤9 24
≤10 18

Vendor

≤1 816
≤2 0
≤3 0
≤4 0
≤5 4
≤6 14
≤7 28
≤8 58
≤9 28
≤10 0

0-day

<1k 46
<2k 278
<5k 48
<10k 288
<25k 158
<50k 112
<100k 18
≥100k 0

Today

<1k 296
<2k 322
<5k 148
<10k 84
<25k 96
<50k 2
<100k 0
≥100k 0

Exploit Market Volume

IOB - Indicator of Behavior (1000)

Timeline

Language

en 986
ja 6
pt 2
es 2
zh 2

Country

us 534
gb 104
jp 12
ch 12
de 8

Actor

Campaign

Interest

Timeline

Type

Vendor

Product

cym1102 nginxWebUI 6
Google Chrome 6
Palo Alto Networks PAN-OS 4
Cisco IOS XE 2
Vesystem Cloud Desktop 2

Vulnerabilities

# | Vulnerability | Base | Temp | 0day | Today | Exploitability | Fix | EPSS | CTI | CVE
1 | cym1102 nginxWebUI saveCmd handlePath weak authentication | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 4.51 | CVE-2024-3738
2 | PHPGurukul Small CRM Registration Page SQL injection | 7.3 | 6.6 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.89 | CVE-2024-3691
3 | DedeCMS update_guide.php unknown vulnerability | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.45 | CVE-2024-3686
4 | PHPGurukul Small CRM Change Password SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.50 | CVE-2024-3690
5 | cym1102 nginxWebUI upload privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 3.10 | CVE-2024-3739
6 | DedeCMS stepselect_main.php SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.52 | CVE-2024-3685
7 | cym1102 nginxWebUI reload exec privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 3.49 | CVE-2024-3740
8 | Xiamen Four-Faith RMP Router Management Platform SQL injection | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.17 | CVE-2024-3688
9 | cym1102 nginxWebUI addOver findCountByQuery directory traversal | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.85 | CVE-2024-3737
10 | cym1102 nginxWebUI upload privilege escalation | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00045 | 2.57 | CVE-2024-3736
11 | Vesystem Cloud Desktop fileupload2.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 1.83 | CVE-2024-3804
12 | Vesystem Cloud Desktop fileupload.php privilege escalation | 6.3 | 5.7 | $0-$5k | $0-$5k | Proof-of-Concept | Not Defined | 0.00000 | 1.70 | CVE-2024-3803
13 | Palo Alto Networks PAN-OS GlobalProtect privilege escalation | 8.9 | 8.7 | $0-$5k | $0-$5k | High | Official Fix | 0.00371 | 3.94 | CVE-2024-3400
14 | Macrob7 Macs CMS saveUser SQL injection | 6.3 | 6.3 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00000 | 0.12 | CVE-2023-45503
15 | Wappointment Appointment Bookings for Zoom GoogleMeet and more Plugin privilege escalation | 4.6 | 4.5 | $0-$5k | $0-$5k | Not Defined | Not Defined | 0.00043 | 0.16 | CVE-2024-32454
16 | Microsoft Azure Identity Library for .NET information disclosure | 4.4 | 4.2 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.12 | CVE-2024-29992
17 | mysql2 text_parser.js unknown vulnerability | 6.5 | 6.3 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00044 | 0.02 | CVE-2024-21509
18 | Palo Alto Networks PAN-OS Cloud Identity Engine unknown vulnerability | 6.1 | 6.0 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.19 | CVE-2024-3383
19 | Linux Kernel pci1xxxx_spi_probe denial of service | 5.0 | 4.9 | $0-$5k | $0-$5k | Not Defined | Official Fix | 0.00043 | 0.12 | CVE-2024-24862
20 | iboss Secure Web Gateway Login Portal login cross site scripting | 4.3 | 3.9 | $0-$5k | $0-$5k | Proof-of-Concept | Official Fix | 0.00045 | 0.24 | CVE-2024-3378

IOC - Indicator of Compromise (17)

These indicators of compromise highlight associated network ranges which are known to be part of research and attack activities.

ID | IP range | Actor | Confidence
1 | 54.38.234.0/24 | AsyncRAT | predictive
2 | 68.66.216.0/24 | Powload | predictive

TTP - Tactics, Techniques, Procedures (27)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID | Technique | Weakness | Type | Confidence
1 | T1006 | CWE-22, CWE-23, CWE-24, CWE-25, CWE-35 | Path Traversal | predictive
2 | T1040 | CWE-319 | Authentication Bypass by Capture-replay | predictive
3 | T1055 | CWE-74 | Improper Neutralization of Data within XPath Expressions | predictive
4 | T1059 | CWE-94, CWE-1321 | Argument Injection | predictive
5 | T1059.007 | CWE-79, CWE-80 | Cross Site Scripting | predictive
6 | T1068 | CWE-250, CWE-269, CWE-274, CWE-284 | Execution with Unnecessary Privileges | predictive

IOA - Indicator of Attack (150)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID | Class | Indicator | Confidence
1 | File | /admin/adminHome.php | predictive
2 | File | /adminPage/conf/reload | predictive
3 | File | /adminPage/conf/saveCmd | predictive
4 | File | /adminPage/main/upload | predictive
5 | File | /adminPage/www/addOver | predictive
6 | File | /anchor/admin/categories/delete/2 | predictive
7 | File | /anchor/admin/users/delete/2 | predictive
8 | File | /api/runs/search/run/ | predictive
9 | File | /cart.php | predictive
10 | File | /description.php | predictive
11 | File | /Device/Device/GetDeviceInfoList?deviceCode=&searchField=&deviceState= | predictive
12 | File | /endpoint/add-image.php | predictive
13 | File | /etc/passwd | predictive
14 | File | /index.php | predictive
15 | File | /login | predictive
16 | File | /Product.php | predictive
17 | File | /Public/webuploader/0.1.5/server/fileupload.php | predictive
18 | File | /Public/webuploader/0.1.5/server/fileupload2.php | predictive
19 | File | /src/dede/baidunews.php | predictive
20 | File | /src/dede/co_do.php | predictive
