Custom Arsenal Developed to Target Multiple Industries
Essential information
- Published
- 27/05/2025 10:35
- Modified
- 27/05/2025 13:56
- Tags
- 2025-05-27 CVE-2017-9805 CVE-2021-22205 CVE-2024-27198 CVE-2024-27199 CVE-2024-51378 CVE-2024-51567 CVE-2024-56145 CVE-2024-9047 CVE-2025-31324 apt backdoor brute ratel bypassboss china-nexus cobalt strike custom tools dll sideloading multi-industry targeting pulsepack sql injection vshell vulnerability exploitation
- Related entities
- 9 vulnerabilities (cve), 185 observables, 1 intrusion sets (apt), 8 techniques (mitre), 5 malware, 9 others
Description
Related entities
Vulnerabilities, IOCs, intrusion sets, MITRE techniques and other entities referenced in this report.
Vulnerabilities (CVE) (9)
Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected …
- Attack vector
- Network
- Published
- 02/06/2025
- Modified
- 21/12/2025
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries …
- Attack vector
- Network
- Published
- 29/04/2025
- Modified
- 21/12/2025
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus …
- Attack vector
- Network
- Published
- 07/11/2024
- Modified
- 21/12/2025
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb allows remote attackers to bypass authentication and execute arbitrary commands …
- Attack vector
- Network
- Published
- 04/12/2024
- Modified
- 21/12/2025
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. …
- Attack vector
- NETWORK
- Published
- 12/10/2024
- Modified
- 21/12/2025
Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to …
- Attack vector
- NETWORK
- Complexity
- HIGH
- Published
- 15/09/2017
- Modified
- 22/04/2026
JetBrains TeamCity contains a relative path traversal vulnerability that could allow limited admin actions to be performed.
- Attack vector
- NETWORK
- Complexity
- LOW
- Published
- 04/03/2024
- Modified
- 22/04/2026
JetBrains TeamCity contains an authentication bypass vulnerability that allows an attacker to perform admin actions.
- Attack vector
- Network
- Published
- 07/03/2024
- Modified
- 21/12/2025
GitHub Community and Enterprise Editions that utilize the ability to upload images through GitLab Workhorse are vulnerable to remote code execution. Workhorse …
- Published
- 03/11/2021
- Modified
- 20/12/2025
Observables (185)
-
d8e272f50e1d699870a74f8cbed06a9371212c208bcfa8b3c992a4744e84ed87 -
d8d1635a515fd3afb2ccfbd2a82feb2c2150161872f3a4babd90146626fe8355 -
d8364dc34ccece608beea861067fa31cae3f4ef0c3fcdf1804cc88d162c0ff15 -
d6c3c83d8549c691972e8fe91277c579efe83b731d5a1669d42692b0b3a17980 -
d3f0e0563269d23cfd1e54a16badd2e03d7826c364e2fb84ffe3d48b2a3738e9 -
d1d957406e9177a1ab10bb5a4d2d4dfb3ac971c390f8383eeaa263bdf8038058 -
d04904e32b5cb0f9b559855fac81d62c6ad0472dc443be02f08b6fe4a7d56f71 -
ce98feac673b63a3c030c976c0dd4a0fba0cd5e124373b390b0f3c7fa761f95e -
cbb512c427297c2b67b83e459887b59e3171ad47a22a62d89f03a1eacab1ac42 -
c8f855c7b1456739d1c03c4225093475baba75cb49d3f1051ba4e40831e5ce84 -
c87f7e0ae64e11ef755083bde6b756c695d07c6b89633f6fb66cd96214bcd502 -
c7137d350aaf2acc965763e380255e9fb63d6feefae4ed91c80b70ff022db855
Intrusion sets (APT) (1)
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Techniques (MITRE) (8)
Malware (5)
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
AlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Others (9)
-
British Indian Ocean Territory
-
India
-
Brazil
-
Retail
-
Technology
-
Transportation
-
Education
-
Finance
-
Government