WARPWIRE
Essential information
- Confidence
- 100/100
- Is family
- Yes
- Published
- 05/03/2024 20:32
- Modified
- 27/03/2026 01:05
- Revoked
- No
- Author / Source
- The MITRE Corporation
- Related entities
- 15 attack patterns (mitre), 2 intrusion sets (apt), 1 sectors, 42 indicators, 11 vulnerabilities (cve), 1 campaign, 1 campaigns
Description
Marking (TLP)
TLP:CLEAR Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.
External references
Related entities
Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.
Attack patterns (MITRE) (15)
Intrusion sets (APT) (2)
-
UTA0178 usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
-
Magnet Goblin usesAlienVault Confidence 100First seen 01/01/1970 · Last seen 16/11/5138 ·
Sectors (1)
-
Government targets
Indicators (42)
-
stix 100/100 Revoked· Valid until 16/06/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 16/06/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 16/06/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 16/06/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 16/06/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 16/06/2025 · Source: AlienVault
-
stix 100/100 Revoked· Valid until 16/06/2025 · Source: AlienVault
-
www.fernandestechnical.comindicatesstix 100/100 Revoked· Valid until 26/06/2025 · Source: AlienVault -
stix 100/100 Revoked· Valid until 29/04/2024 · Source: AlienVault
Vulnerabilities (CVE) (11)
Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server …
- Attack vector
- Network
- Published
- 13/01/2025
- Modified
- 21/12/2025
Qlik Sense contains an HTTP tunneling vulnerability that allows an attacker to escalate privileges and execute HTTP requests on the backend server …
- Attack vector
- Network
- Published
- 07/12/2023
- Modified
- 21/12/2025
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure contain a command injection vulnerability in the web …
- Attack vector
- Network
- Published
- 10/01/2024
- Modified
- 27/05/2026
A privilege escalation vulnerability in web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user …
- Attack vector
- NETWORK
- Published
- 31/01/2024
- Modified
- 21/12/2025
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure), Ivanti Policy Secure, and Ivanti Neurons contain a server-side request forgery (SSRF) …
- Attack vector
- Network
- Published
- 31/01/2024
- Modified
- 27/05/2026
Shibboleth XMLTooling before 3.2.4, as used in OpenSAML and Shibboleth Service Provider, allows SSRF via a crafted KeyInfo element. (This is fixed …
- Attack vector
- NETWORK
- Published
- 26/06/2023
- Modified
- 21/12/2025
Qlik Sense contains a path traversal vulnerability that allows a remote, unauthenticated attacker to create an anonymous session by sending maliciously crafted …
- Attack vector
- Network
- Published
- 07/12/2023
- Modified
- 21/12/2025
Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution.
- Published
- 15/02/2022
- Modified
- 21/12/2025
An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x), Ivanti Policy Secure (9.x, 22.x) …
- Attack vector
- Network
- Published
- 13/02/2024
- Modified
- 27/05/2026
Ivanti Connect Secure (ICS, formerly known as Pulse Connect Secure) and Ivanti Policy Secure gateways contain an authentication bypass vulnerability in the …
- Attack vector
- Network
- Published
- 10/01/2024
- Modified
- 27/05/2026
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily …
- Attack vector
- NETWORK
- Published
- 18/01/2023
- Modified
- 21/12/2025
Campaign (1)
-
Cutting Edge uses
Campaigns (1)
-
Cutting Edge