Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities - Check Point Research
Tags
maec-delivery-vectors: Watering Hole
attack-pattern: Data Indirect Confluence - T1213.001 Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Exploits - T1587.004 Exploits - T1588.005 Malicious File - T1204.002 Malware - T1587.001 Malware - T1588.001 Powershell - T1059.001 Python - T1059.006 Server - T1583.004 Server - T1584.004 Software - T1592.002 Template Injection - T1221 Tool - T1588.002 Vulnerabilities - T1588.006 Powershell - T1086 Windows Management Instrumentation - T1047
Show in Graph
Common Information
Type Value
UUID 308e82ff-b595-4afa-9a75-f5e00fc27916
Fingerprint b4130dd90927a7b5
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 14, 2024, 1 p.m.
Added to db Aug. 31, 2024, 4:32 a.m.
Last updated Nov. 17, 2024, 12:59 p.m.
Headline Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities
Title Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities - Check Point Research
Detected Hints/Tags/Attributes 96/2/8
Source URLs
Redirection Url
Details Source https://research.checkpoint.com/2024/server-side-template-injection-transforming-web-applications-from-assets-to-liabilities/
URL Provider
Details Provider Source level domain
Details checkpoint.com research.checkpoint.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 204 Check Point Research https://research.checkpoint.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 42 
cve-2022-22954
Details CVE 2 
cve-2024-28254
Details CVE 2 
cve-2016-4977
Details Domain 9 
dnslog.cn
Details Domain 2 
c3pool.org
Details Domain 1 
0dzfrrzq.sh
Details File 3 
wi.txt
Details File 674 
node.js