Extenbro Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en256
de90
zh76
es72
fr72

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

de90
es72
fr72
pt68
sv66

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Unknown1

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined68
E-Commerce Management Software12
WordPress Plugin8
Web Browser6
Multimedia Player Software2

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Tenda38
Not Defined20
Kashipara10
Google6
Keenetic4

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

Tenda W15E12
Kashipara Online Furniture Shopping Ecommerce Webs ...10
Google Chrome6
Tenda i214
Tenda W94

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1EZVIZ CS-C6-21WFR-8 Davinci Application certificate validation3.73.6$0-$5k$0-$5kNot DefinedNot Defined0.000451.11CVE-2024-4063
2SourceCodester Simple Subscription Website view_application.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000451.20CVE-2024-4093
3Tenda 4G300 sub_4279CC stack-based overflow8.88.5$0-$5k$0-$5kNot DefinedNot Defined0.000451.23CVE-2024-4169
4Tenda W15E formQOSRuleDel stack-based overflow8.88.5$0-$5k$0-$5kNot DefinedNot Defined0.000451.02CVE-2024-4121
5PHPGurukul Doctor Appointment Management System appointment-bwdates-reports-details.php cross site scripting3.53.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.000451.23CVE-2024-4293
6Techkshetra Info Solutions Savsoft Quiz Category Page editCategory cross site scripting2.42.2$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.91CVE-2024-4256
7Tenda AX1806 execCommand R7WebsSecurityHandler stack-based overflow8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.94CVE-2024-4237
8Tenda AC8 SetRebootTimer formSetRebootTimer stack-based overflow8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.79CVE-2024-4065
9idcCMS cross-site request forgery4.33.9$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.76CVE-2024-4172
10Tenda i22 formSetUrlFilterRule stack-based overflow8.88.5$0-$5k$0-$5kNot DefinedNot Defined0.000450.76CVE-2024-4252
11Tenda W15E DelPortMapping formDelPortMapping stack-based overflow8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.82CVE-2024-4117
12Tenda W15E SetSysTimeCfg formSetSysTime stack-based overflow8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.88CVE-2024-4126
13Ruijie RG-UAC gre_edit_commit.php os command injection4.74.3$0-$5k$0-$5kProof-of-ConceptNot Defined0.000460.94CVE-2024-4255
14Tenda W9 DhcpSetSer fromDhcpSetSer stack-based overflow8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.67CVE-2024-4244
15Keenetic KN-1010/KN-1410/KN-1711/KN-1810/KN-1910 Version Data version.js information disclosure5.34.9$0-$5k$0-$5kProof-of-ConceptWorkaround0.000450.76CVE-2024-4022
16PHPGurukul Doctor Appointment Management System view-appointment-detail.php resource injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.85CVE-2024-4294
17Tenda AX1806 SetRebootTimer formSetRebootTimer stack-based overflow8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.65CVE-2024-4239
18Tenda 4G300 sub_41E858 stack-based overflow8.88.5$0-$5k$0-$5kNot DefinedNot Defined0.000451.00CVE-2024-4166
19Tenda i21 wifiSSIDget formwrlSSIDget stack-based overflow8.88.0$0-$5k$0-$5kProof-of-ConceptNot Defined0.000450.62CVE-2024-4249

IOC - Indicator of Compromise (4)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
145.86.180.227vm-329a5356.na4u.ruExtenbro07/16/2019verifiedHigh
2XXX.XXX.X.XXXxxxx.xxxxxxxx.xxxxxxxxx.xxXxxxxxxx07/16/2019verifiedHigh
3XXX.XXX.XXX.XXX.Xxxxxxxx07/16/2019verifiedHigh
4XXX.XXX.XX.XXXxxxx.xxxxxxx.xxxXxxxxxxx07/16/2019verifiedHigh

TTP - Tactics, Techniques, Procedures (12)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-21, CWE-22Path TraversalpredictiveHigh
2T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
3T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
4TXXXX.XXXCAPEC-209CWE-XXXxxxx Xxxx XxxxxxxxxpredictiveHigh
5TXXXXCAPEC-122CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
6TXXXXCAPEC-150CWE-XXXXxxx Xxx Xxxxxxxxx Xxxxxxxxxxx XxxxxxxxpredictiveHigh
7TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
8TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
9TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
10TXXXXCAPEC-37CWE-XXXXxxxxxxxx Xxxxxxx Xx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
11TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
12TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (103)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/admin/admin_cl.php?mudi=revPwdpredictiveHigh
2File/cgi-bin/koha/opac-MARCdetail.plpredictiveHigh
3File/doctor/view-appointment-detail.phppredictiveHigh
4File/goform/AddDnsForwardpredictiveHigh
5File/goform/addIpMacBindpredictiveHigh
6File/goform/AdvSetMacMtuWanpredictiveHigh
7File/goform/DelDhcpRulepredictiveHigh
8File/goform/delIpMacBindpredictiveHigh
9File/goform/DelPortMappingpredictiveHigh
10File/goform/DhcpSetSepredictiveHigh
11File/goform/DhcpSetSerpredictiveHigh
12File/goform/execCommandpredictiveHigh
13File/goform/modifyDhcpRulepredictiveHigh
14File/goform/modifyIpMacBindpredictiveHigh
15File/xxxxxx/xxxxxxxxxxxxxxxxxxxxxpredictiveHigh
16File/xxxxxx/xxxxxxxxxxxxpredictiveHigh
17File/xxxxxx/xxxxxxxxxxxxpredictiveHigh
18File/xxxxxx/xxxxxxxxxxpredictiveHigh
19File/xxxxxx/xxxxxxxxxxxpredictiveHigh
20File/xxxxxx/xxxxxxxxxpredictiveHigh
21File/xxxxxx/xxxxxxxxxxxxxxxxpredictiveHigh
22File/xxxxxx/xxxxxxxxxxxxxxpredictiveHigh
23File/xxxxxx/xxxxxxxxxxxxxxpredictiveHigh
24File/xxxxxx/xxxxxxxxxxxxxxxxxxpredictiveHigh
25File/xxxxxx/xxxxxxxxxxxxxxpredictiveHigh
26File/xxxxxx/xxxxxxxxxxxxxpredictiveHigh
27File/xxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveHigh
28File/xxxxxx/xxxxxxxxxxxpredictiveHigh
29File/xxxxxx/xxxxxxxxxxxpredictiveHigh
30File/xxxxxx/xxxxxxxxxxxxpredictiveHigh
31File/xxxxx.xxx?x=xxxxx&x=xxxxx&x=xxxxxxx_xxxxpredictiveHigh
32File/xxxxxxxxxxxxx.xxpredictiveHigh
33File/xxxxxx/xxxxx.xxx/xxxxx/xxxxxxxxxxxxpredictiveHigh
34File/xxxxxxx.xxpredictiveMedium
35File/xxxx/xxxxxxx xxxxxx/xxx/xxx_xxxx_xxxxxx.xxxpredictiveHigh
36File/xxx/xxxxxxxxxxx.xxxpredictiveHigh
37Filexxx/xxxxxxxx/xxxpredictiveHigh
38Filexxx/xxxx/xxxxxxxxx/xxxxxxx.xxxpredictiveHigh
39Filexxxxxxxxxxx-xxxxxxx-xxxxxxx-xxxxxxx.xxxpredictiveHigh
40Filexxxxxx.xxxpredictiveMedium
41Filexxxxx/xxxxxxx/xxxxxxxxxxxxx.xxpredictiveHigh
42Filexxxxx.xxxpredictiveMedium
43Filexxxxx.xxxpredictiveMedium
44Filexxxxxxxx.xxxpredictiveMedium
45Filexxxxxxxx.xxxpredictiveMedium
46Filexxxxxx.xxxpredictiveMedium
47Filexxxxxxxxxxxx.xxxpredictiveHigh
48Filexxxx_xxxxxxxxxxx.xxxpredictiveHigh
49ArgumentxxxxxxxxxxxxpredictiveMedium
50ArgumentxxxxxxxxxxxxxpredictiveHigh
51Argumentxxxxxxxx_xxxxpredictiveHigh
52ArgumentxxxxxpredictiveLow
53Argumentxxxxxxx_xxpredictiveMedium
54ArgumentxxxxxxxxxxxxpredictiveMedium
55ArgumentxxxxxxxxxxpredictiveMedium
56ArgumentxxxxxxxpredictiveLow
57Argumentxxxxxxxxxxx/xxxxxxxxx/xxxxxx/xxxxxxxx/xxxxxxxxxxxxx/xxxxxxxx/xxxxxxxxpredictiveHigh
58ArgumentxxxxxxxxxxxxxxpredictiveHigh
59ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
60ArgumentxxxxxxpredictiveLow
61Argumentxxxxxx/xxxxx/xxxxxxpredictiveHigh
62ArgumentxxxxpredictiveLow
63Argumentxxxxxxxx/xxxxxxpredictiveHigh
64Argumentxx/xxxxpredictiveLow
65ArgumentxxxxxxxxxxpredictiveMedium
66ArgumentxxpredictiveLow
67ArgumentxxxxxxxxxxxxxxpredictiveHigh
68ArgumentxxxxxxxxxxxxxpredictiveHigh
69Argumentxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveHigh
70ArgumentxxxxpredictiveLow
71ArgumentxxxxpredictiveLow
72ArgumentxxxxxpredictiveLow
73ArgumentxxxxxxxxxxpredictiveMedium
74ArgumentxxxxpredictiveLow
75ArgumentxxxxpredictiveLow
76ArgumentxxxxxxxxpredictiveMedium
77ArgumentxxxxxpredictiveLow
78ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
79Argumentxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxx/xxxxxxxxxxxxxxxxxxxpredictiveHigh
80ArgumentxxxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
81ArgumentxxxpredictiveLow
82ArgumentxxxxxxpredictiveLow
83ArgumentxxxxxxxxpredictiveMedium
84ArgumentxxxxxxxpredictiveLow
85ArgumentxxxxxxxxxxxxxxxxxxpredictiveHigh
86ArgumentxxxxxxxxpredictiveMedium
87ArgumentxxxxxxxxxxpredictiveMedium
88ArgumentxxxxxxxxpredictiveMedium
89Argumentxxxxxxxxxx/xxxxxxxx/xxxxxxx/xxxxxxxxxxpredictiveHigh
90ArgumentxxxxxxxxxxxxpredictiveMedium
91ArgumentxxxpredictiveLow
92ArgumentxxxxxxxxxpredictiveMedium
93ArgumentxxxxxxxxxxxxxxxxpredictiveHigh
94ArgumentxxxxpredictiveLow
95ArgumentxxxxxxxxxxpredictiveMedium
96ArgumentxxxxxxxxxpredictiveMedium
97ArgumentxxxxxxxpredictiveLow
98Argumentxxxxxx/xxxxxxxx/xxxxxxxxx/xxx/xxxxxxxxxxx/xxxxxxxxxxpredictiveHigh
99Argumentxxxx/xxxxx/xxx/xxxx/xxxxxx/xxxxxxpredictiveHigh
100Input Value../predictiveLow
101Input Valuex"><xxxx>predictiveMedium
102Input ValuexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
103Input Value><xxxxxx>xxxxx('xxx')</xxxxxx>predictiveHigh

References (2)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!