Custom Arsenal Developed to Target Multiple Industries
Essential information
- Published
- 27/05/2025 10:35
- Modified
- 27/05/2025 13:56
- Tags
- 2025-05-27 CVE-2017-9805 CVE-2021-22205 CVE-2024-27198 CVE-2024-27199 CVE-2024-51378 CVE-2024-51567 CVE-2024-56145 CVE-2024-9047 CVE-2025-31324 apt backdoor brute ratel bypassboss china-nexus cobalt strike custom tools dll sideloading multi-industry targeting pulsepack sql injection vshell vulnerability exploitation
- Related entities
- 9 vulnerabilities (cve), 185 observables, 1 intrusion sets (apt), 8 techniques (mitre), 5 malware, 9 others
Description
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Vulnerabilities (CVE) (9)
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected …
- Attack vector
- Network
- Published
- 02/06/2025
- Modified
- 21/12/2025
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries …
- Attack vector
- Network
- Published
- 29/04/2025
- Modified
- 21/12/2025
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus …
- Attack vector
- Network
- Published
- 07/11/2024
- Modified
- 21/12/2025
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands …
- Attack vector
- Network
- Published
- 04/12/2024
- Modified
- 21/12/2025
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. …
- Attack vector
- NETWORK
- Published
- 12/10/2024
- Modified
- 21/12/2025
Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to …
- Attack vector
- NETWORK
- Complexity
- HIGH
- Published
- 15/09/2017
- Modified
- 22/04/2026
JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/03/2024
- Modified
- 22/04/2026
JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.
- Attack vector
- Network
- Published
- 07/03/2024
- Modified
- 21/12/2025
GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse …
- Published
- 03/11/2021
- Modified
- 20/12/2025
Observables (185)
-
f55bb674f524ea72d91dba894ea5448ecf92aab7bceb0cf0025383483e72cc1f -
f3f1ac9e1739a840242c9c215080085af61500dbe7bfd01886fe972e0ca22a26 -
f3bd3637ad90eae0bfa31c0735fa3bb2e0d7061f63456f7479948ce7e8cd7310 -
f29e98d60486472e80d2fac7afa7433bad74d69e25ba8b9533c3b23d6b6be9bd -
ed8684894015e74ff5cf217cbda2f2036e7c9f573f9b0aa46e29e7ff8c13f11b -
eb1df006c34463faf8325c52c2f132b62adaaff37afc0bd7ddf0274fa30e59d0 -
e9808c0e5ebba9aa2b2b5f856d1cb6965f6b5fa49e22dc423251786bb46ac2b7 -
e82ecbe3823046a27d8c39cc0a4acb498f415549946c9ff0e241838b34ed5a21 -
e5d34a8a39ae067efe12336732f43775fa8eaf86e0d7668816780d1db9821e5d -
e1e03d90eb8a65ed6d3b4ff16aed51443ecacba465ff1c96a6604c84b215fec8 -
de9117872e6b32d01fe2e2ec54899641486a1ebb3439123aadea8d5388617eee -
dc27e0fabdbad970519d354a83f8c4791d2311dedb9e7ed3cee2d0f52078f000
Intrusion sets (APT) (1)
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Techniques (MITRE) (8)
Malware (5)
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Others (9)
-
British Indian Ocean Territory
-
India
-
Brazil
-
Retail
-
Technology
-
Transportation
-
Education
-
Finance
-
Government