Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
trendmicroblogSunil BhartiTRENDMICROBLOG:14FE8F511A83995781243081E1FAE933
HistoryMay 16, 2023 - 12:00 a.m.

8220 Gang Evolves With New Strategies

2023-05-1600:00:00
Sunil Bharti
www.trendmicro.com
30

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.974 High

EPSS

Percentile

99.8%

JSON

We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability.

Related

hackerone 1
thn 2
nuclei 1
prion 1
cve 1
talosblog 1
checkpoint_advisories 1
fireeye 1
openvas 1
nessus 1
githubexploit 1
impervablog 1
kitploit 1
oracle 1
hackerone
hackerone
MTN Group: Remote OS Command Execution on Oracle Weblogic server via [CVE-2017-3506]
2020-03-04 14:20:40
thn
thn
8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency
2023-05-18 09:31:00
8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware
2023-12-19 06:58:00
nuclei
nuclei
Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution
2021-04-26 09:48:57
prion
prion
Design/Logic Flaw
2017-04-24 19:59:00
cve
cve
CVE-2017-3506
2017-04-24 19:59:00
talosblog
talosblog
Ransom Where? Malicious Cryptocurrency Miners Takeover, Generating Millions
2018-01-31 07:58:00
checkpoint_advisories
checkpoint_advisories
Oracle WebLogic WLS Security Component Remote Code Execution (CVE-2017-10271; CVE-2017-3506)
2017-12-27 00:00:00
fireeye
fireeye
Click It Up: Targeting Local Government Payment Portals
2018-09-19 10:00:00
openvas
openvas
Oracle WebLogic Server Multiple Vulnerabilities-01 (cpuapr2017-3236618)
2017-04-19 00:00:00
nessus
nessus
Oracle WebLogic Server Multiple Vulnerabilities (April 2017 CPU)
2017-04-21 00:00:00
githubexploit
githubexploit
Exploit for Injection in Oracle Weblogic Server
2019-08-23 01:42:57
impervablog
impervablog
Imperva Detects Undocumented 8220 Gang Activities
2023-12-14 13:48:35
kitploit
kitploit
Vulmap - Web Vulnerability Scanning And Verification Tools
2020-12-25 11:30:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2017
2017-04-18 00:00:00

7.4 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

5.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

0.974 High

EPSS

Percentile

99.8%

JSON
Related for TRENDMICROBLOG:14FE8F511A83995781243081E1FAE933
hackerone1thn2nuclei1prion1cve1talosblog1checkpoint_advisories1fireeye1openvas1nessus1githubexploit1impervablog1kitploit1oracle1