Common Information
| Type | Value |
|---|---|
| Value |
Vulnerabilities - T1588.006 |
| Category | Attack-Pattern |
| Type | Mitre-Attack-Pattern |
| Misp Type | Cluster |
| Description | Adversaries may acquire information about vulnerabilities that can be used during targeting. A vulnerability is a weakness in computer hardware or software that can, potentially, be exploited by an adversary to cause unintended or unanticipated behavior to occur. Adversaries may find vulnerability information by searching open databases or gaining access to closed vulnerability databases.(Citation: National Vulnerability Database) An adversary may monitor vulnerability disclosures/databases to understand the state of existing, as well as newly discovered, vulnerabilities. There is usually a delay between when a vulnerability is discovered and when it is made public. An adversary may target the systems of those known to conduct vulnerability research (including commercial vendors). Knowledge of a vulnerability may cause an adversary to search for an existing exploit (i.e. [Exploits](https://attack.mitre.org/techniques/T1588/005)) or to attempt to develop one themselves (i.e. [Exploits](https://attack.mitre.org/techniques/T1587/004)). |
| Details | Published | Attributes | CTI | Title | ||
|---|---|---|---|---|---|---|
| Details | Website | 2083-07-04 | 9 | SonicWall VPN Portal Critical Flaw (CVE-2020-5135) | ||
| Details | Website | 2051-02-02 | 32 | UNKNOWN | ||
| Details | Website | 2050-08-03 | 29 | Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload - CXSecurity.com | ||
| Details | Website | 2037-10-13 | 14 | Abusing IP camera's for red teaming: Obtaining the firmware | ||
| Details | Website | 2030-03-02 | 20 | APT QUARTERLY HIGHLIGHTS - Q3 : 2023 - CYFIRMA | ||
| Details | Website | 2028-01-01 | 3 | A Tour of the Worm | ||
| Details | Website | 2026-11-24 | 6 | 每日安全动态推送(24/11/26) | CTF导航 | ||
| Details | Website | 2025-12-14 | 0 | 3 Tips for Eliminating Attack Surface Blind Spots | ||
| Details | Website | 2025-12-13 | 0 | Best Practices for Securing Web Applications Against Modern… | ||
| Details | Website | 2025-11-27 | 0 | The Ransomware Threat: Preparing Schools and Libraries for… | ||
| Details | Website | 2025-11-27 | 0 | How Agentic AI Is Transforming Enterprise Software… | ||
| Details | Website | 2025-11-07 | 1 | Vault7 - Home | ||
| Details | Website | 2025-11-03 | 0 | CIS Advisories | ||
| Details | Website | 2025-10-24 | 7 | 每日安全动态推送(24/10/25) | CTF导航 | ||
| Details | Website | 2025-04-18 | 4 | Commonly Probed Webshell URLs - SANS Internet Storm Center | ||
| Details | Website | 2025-04-18 | 60 | Microsoft Patch Tuesday: March 2025 - SANS Internet Storm Center | ||
| Details | Website | 2025-04-18 | 3 | Scans for VMWare Hybrid Cloud Extension (HCX) API (Log4j - not brute forcing) - SANS Internet Storm Center | ||
| Details | Website | 2025-04-18 | 11 | Mirai Bot now incroporating (malformed?) DrayTek Vigor Router Exploits - SANS Internet Storm Center | ||
| Details | Website | 2025-04-18 | 16 | Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440 - SANS Internet Storm Center | ||
| Details | Website | 2025-04-18 | 15 | Let's Talk About HTTP Headers. - SANS Internet Storm Center | ||
| Details | Website | 2025-03-24 | 2 | WordPress Plugin Flaw Puts 200,000+ Sites at Risk of Code Execution | ||
| Details | Website | 2025-03-24 | 0 | RaaS: The new frontier of cybercrime | ||
| Details | Website | 2025-03-24 | 1 | New Browser-Based RDP Tool Enables Secure Remote Access to Windows Servers | ||
| Details | Website | 2025-03-24 | 25 | The SOS Intelligence CVE Chatter Weekly Top Ten - 24 March 2025 - SOS Intelligence | ||
| Details | Website | 2025-03-24 | 0 | Oracle Cloud denies data breach claims of 6 million data files leak - Cybersecurity Insiders |