Saint Kitts and Nevis Unknown Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (82)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	78
ja	2
de	2

Country

us	62
gb	4
ru	4
it	2
ag	2

Actors

Unknown	1

Activities

Interest

Timeline

Type

Not Defined	26
Network Management Software	6
Programming Language Software	6
Content Management System	6
Mail Server Software	4

Vendor

Not Defined	38
Microsoft	8
Dell EMC	4
Citrix	2
Amazon	2

Product

PRTG Network Monitor	4
PHP	4
Magento	4
Citrix XenMobile	2
Microsoft IIS	2

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	Raspberry Pi OS hard-coded password	8.8	8.6	$0-$5k	$0-$5k	Not Defined	Workaround	0.04287	0.04	CVE-2021-38759
2	GetSimple CMS theme-edit.php credentials management	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.48111	0.00	CVE-2019-11231
3	Microsoft Windows Network File System Remote Code Execution	9.8	8.5	$25k-$100k	$5k-$25k	Unproven	Official Fix	0.01424	0.00	CVE-2022-34715
4	SourceCodester Library Management System index.php sql injection	7.1	6.9	$0-$5k	$0-$5k	Proof-of-Concept	Not Defined	0.00114	0.09	CVE-2022-2492
5	Microsoft .NET Framework input validation	8.5	8.4	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00966	0.02	CVE-2018-8540
6	Brocade BigIron RX switch access control	5.3	5.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00623	0.00	CVE-2011-2760
7	Amazon AWS Apache Log4j Hotpatch Package race condition	7.0	7.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00042	0.04	CVE-2022-33915
8	CloudPanel 2 File Manager improper authentication	8.0	7.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.50534	0.00	CVE-2023-35885
9	Wifi-soft UniBox controller Diagnostic Tools Controller diagnostic_tools_controller command injection	9.3	9.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01692	0.04	CVE-2019-3496
10	Magento code injection	8.0	8.0	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00452	0.00	CVE-2020-9632
11	Magento code injection	8.5	8.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00238	0.03	CVE-2020-9664
12	Magento sql injection	5.5	5.5	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00063	0.04	CVE-2020-24400
13	nginx request smuggling	6.9	6.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00241	2.17	CVE-2020-12440
14	Tiki Admin Password tiki-login.php improper authentication	8.0	7.7	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00936	2.21	CVE-2020-15906
15	Host NetBIOS/SMB privileges management	7.3	7.1	$0-$5k	$0-$5k	High	Workaround	0.01500	0.00	CVE-1999-0621
16	jQuery dataType script.js Cross-Domain cross site scripting	5.2	4.9	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00660	0.19	CVE-2015-9251
17	Moodle Backup File Restore input validation	8.0	8.0	$5k-$25k	$5k-$25k	Not Defined	Not Defined	0.00736	0.07	CVE-2021-3943
18	Dell EMC iDRAC6/iDRAC7/iDRAC8/iDRAC9 Web Server memory corruption	8.4	8.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00973	0.00	CVE-2019-3705
19	puppetlabs-apt os command injection	8.5	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00175	0.00	CVE-2022-3275
20	GLPI Login Page sql injection	8.5	8.4	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00180	0.04	CVE-2022-31061

IOC - Indicator of Compromise (58)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Identified	Type	Confidence
1	23.131.208.0		Saint Kitts and Nevis Unknown	02/28/2023	verified	High
2	23.137.40.0		Saint Kitts and Nevis Unknown	05/11/2023	verified	High
3	38.86.181.28		Saint Kitts and Nevis Unknown	05/11/2023	verified	High
4	38.87.225.0		Saint Kitts and Nevis Unknown	05/11/2023	verified	High
5	38.87.231.192		Saint Kitts and Nevis Unknown	05/11/2023	verified	High
6	38.131.5.0		Saint Kitts and Nevis Unknown	05/11/2023	verified	High
7	45.42.252.0		Saint Kitts and Nevis Unknown	02/28/2023	verified	High
8	45.88.187.0		Saint Kitts and Nevis Unknown	02/28/2023	verified	High
9	57.74.108.0		Saint Kitts and Nevis Unknown	02/28/2023	verified	High
10	57.91.128.0		Saint Kitts and Nevis Unknown	02/28/2023	verified	High
11	65.48.155.0		Saint Kitts and Nevis Unknown	05/11/2023	verified	High
12	65.48.156.0		Saint Kitts and Nevis Unknown	05/11/2023	verified	High
13	XX.XX.XXX.XX	xxx-xxxxx.xxxxxxxxx.xxx	Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
14	XX.XX.XXX.XX	xxx-xxxxx.xxxxxxxxx.xxx	Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
15	XX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
16	XX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
17	XX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
18	XX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
19	XX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
20	XX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
21	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
22	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
23	XXX.XXX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
24	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
25	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
26	XXX.XXX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
27	XXX.X.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
28	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
29	XXX.XXX.XXX.X	x.xxxxxx.xxx	Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
30	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
31	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
32	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
33	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
34	XXX.XX.X.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
35	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
36	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
37	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
38	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
39	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
40	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
41	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
42	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
43	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
44	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
45	XXX.XXX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
46	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
47	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
48	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
49	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
50	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
51	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
52	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
53	XXX.XX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
54	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
55	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
56	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High
57	XXX.XX.XXX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	02/28/2023	verified	High
58	XXX.XXX.XX.X		Xxxxx Xxxxx Xxx Xxxxx Xxxxxxx	05/11/2023	verified	High

TTP - Tactics, Techniques, Procedures (10)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1006		CWE-21	Path Traversal	predictive	High
2	T1059	CAPEC-242	CWE-94	Argument Injection	predictive	High
3	TXXXX.XXX	CAPEC-209	CWE-XX	Xxxxx Xxxx Xxxxxxxxx	predictive	High
4	TXXXX	CAPEC-122	CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXX	Xxxxxxxxx Xxxx Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
5	TXXXX.XXX	CAPEC-	CWE-XXX	Xxx Xx Xxxx-xxxxx Xxxxxxxx	predictive	High
6	TXXXX	CAPEC-136	CWE-XX, CWE-XX	Xxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx Xxxxxxxxx	predictive	High
7	TXXXX	CAPEC-108	CWE-XX	Xxx Xxxxxxxxx	predictive	High
8	TXXXX	CAPEC-	CWE-XXX	Xxxxxxxxxxx Xxxxxxxxxx	predictive	High
9	TXXXX	CAPEC-116	CWE-XXX	Xxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx Xxxxxxxxxxx	predictive	High
10	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (33)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/+CSCOE+/logon.html	predictive	High
2	File	/index.php	predictive	Medium
3	File	/pms/index.php	predictive	High
4	File	/uncpath/	predictive	Medium
5	File	classes/wc-cartsguru-event-handler.php	predictive	High
6	File	xxxxxx.xxx	predictive	Medium
7	File	xxxxx.x	predictive	Low
8	File	xxxxxxx.x	predictive	Medium
9	File	xxx/xxxx/xxxx.x	predictive	High
10	File	xxx/xxxx/xxxx.x	predictive	High
11	File	xxxxxxxxxxxxxxxxxx.xxx	predictive	High
12	File	xxxxx.xxx	predictive	Medium
13	File	xxxxx.xxx	predictive	Medium
14	File	xxxxxxx.xxx	predictive	Medium
15	File	xxxxx.x	predictive	Low
16	File	xxxxxx.xx	predictive	Medium
17	File	xxxxxxx.xxx.xx.xxxxxxxxxxx.xxx	predictive	High
18	File	xxxxx-xxxx.xxx	predictive	High
19	File	xxxx-xxxxx.xxx	predictive	High
20	File	xxxxx/xxxxxxxxxx/xxxxxxxxxx_xxxxx_xxxxxxxxxx	predictive	High
21	Library	xxxxxxxx/xxx-xxx.xx	predictive	High
22	Argument	xxxxxxxx	predictive	Medium
23	Argument	xxxxxxxxx_	predictive	Medium
24	Argument	xxxxxx	predictive	Low
25	Argument	xxxx	predictive	Low
26	Argument	xxxx_xxxx	predictive	Medium
27	Argument	xxxx_xxxxx	predictive	Medium
28	Argument	_xxx_xxxxxxxxxxx_	predictive	High
29	Input Value	xxxxx' xxx (xxxxxx xxxx xxxx (xxxxxx(xxxxx(x)))xxxx) xxx 'xxxx'='xxxx&xxxxxxxx=xxxxxxxxxx	predictive	High
30	Input Value	xxxxx' xx 'x'='x	predictive	High
31	Input Value	xxxxxx	predictive	Low
32	Pattern	xxxx xx\|xx\|	predictive	Medium
33	Network Port	xxxxx xxx-xxx, xxx	predictive	High

References (3)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!