Ddostf DDoS Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (127)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en	128

Country

de	126
io	2

Actors

Ddostf DDoS	1

Activities

Interest

Timeline

Type

Not Defined	6
Operating System	4
Policy Management Software	2

Vendor

Not Defined	4
Aruba	2
Siemens	2
Apple	2
MiCODUS	2

Product

Aruba ClearPass Policy Manager	2
Bandmin	2
Siemens Tecnomatix Plant Simulation	2
Apple macOS	2
MiCODUS MV720 GPS Tracker	2

Vulnerabilities

#	Vulnerability	Base	Temp	0day	Today	Exp	Rem	EPSS	CTI	CVE
1	F5 BIG-IP iControl REST Authentication bash missing authentication	9.8	9.6	$5k-$25k	$0-$5k	High	Official Fix	0.97479	0.05	CVE-2022-1388
2	Digital Communications Technologies Syrus4 IoT Telematics Gateway MQTT Server improper authentication	9.9	9.9	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00179	0.04	CVE-2023-6248
3	FreeBSD Ping pr_pack stack-based overflow	7.3	7.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00043	0.00	CVE-2022-23093
4	MiCODUS MV720 GPS Tracker authorization	6.3	6.2	$0-$5k	$0-$5k	Not Defined	Not Defined	0.00054	0.00	CVE-2022-34150
5	Apple iOS/iPadOS CoreGraphics out-of-bounds write	6.3	6.0	$100k and more	$25k-$100k	Not Defined	Official Fix	0.00148	0.00	CVE-2021-30919
6	SEOPanel Import Website unrestricted upload	6.3	5.7	$0-$5k	$0-$5k	Proof-of-Concept	Official Fix	0.03439	0.00	CVE-2020-27461
7	rConfig POST Request login.php ldap injection	6.5	6.2	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00679	0.00	CVE-2020-23148
8	Apple macOS WebKit Remote Code Execution	6.3	6.0	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00374	0.00	CVE-2021-30797
9	Siemens Tecnomatix Plant Simulation SPP File Parser PlantSimCore.dll memory corruption	5.5	5.3	$5k-$25k	$0-$5k	Not Defined	Official Fix	0.00091	0.05	CVE-2021-27397
10	Aruba ClearPass Policy Manager XML Data xml external entity reference	6.3	6.0	$0-$5k	$0-$5k	Not Defined	Official Fix	0.00384	0.00	CVE-2021-29140
11	Bandmin index.cgi cross site scripting	4.3	4.3	$0-$5k	$0-$5k	Not Defined	Not Defined	0.01154	0.04	CVE-2003-0416

IOC - Indicator of Compromise (1)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

ID	IP address	Hostname	Actor	Campaigns	Identified	Type	Confidence
1	136.243.103.119	static.119.103.243.136.clients.your-server.de	Ddostf DDoS		11/16/2023	verified	High

TTP - Tactics, Techniques, Procedures (3)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

ID	Technique	Class	Vulnerabilities	Access Vector	Type	Confidence
1	T1059.007	CAPEC-18	CWE-80	Cross Site Scripting	predictive	High
2	TXXXX	CAPEC-136	CWE-XX	Xxx Xxxxxxxxx	predictive	High
3	TXXXX.XXX	CAPEC-1	CWE-XXX	Xxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx Xxxxxxxxx	predictive	High

IOA - Indicator of Attack (6)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

ID	Class	Indicator	Type	Confidence
1	File	/mgmt/tm/util/bash	predictive	High
2	File	index.cgi	predictive	Medium
3	File	xxxx/xxxxx.xxx	predictive	High
4	Library	xxxxxxxxxxxx.xxx	predictive	High
5	Argument	xxxxxxxxx	predictive	Medium
6	Argument	xxxx/xxxxx/xxxx	predictive	High

References (2)

The following list contains external sources which discuss the actor and the associated activities:

◂ PreviousOverviewNext ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!