Ghost In The Wire, Sonic In The Wall - Adventures With SonicWall
Tags
attack-pattern: Data Credentials - T1589.001 Dns - T1071.004 Dns - T1590.002 Firmware - T1592.003 Python - T1059.006 Software - T1592.002 Web Service - T1481 Vulnerabilities - T1588.006 Hypervisor - T1062 Web Service - T1102
Show in Graph
Common Information
Type Value
UUID 709295c7-4d65-4d90-97d8-ed29977f46be
Fingerprint ae0388914d41f2c0
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 20, 2023, midnight
Added to db Nov. 17, 2024, 12:55 p.m.
Last updated Nov. 17, 2024, 12:57 p.m.
Headline Ghost In The Wire, Sonic In The Wall - Adventures With SonicWall
Title Ghost In The Wire, Sonic In The Wall - Adventures With SonicWall
Detected Hints/Tags/Attributes 66/1/24
Source URLs
Redirection Url
Details Source https://labs.watchtowr.com/ghost-in-the-wire-sonic-in-the-wall/
URL Provider
Details Provider Source level domain
Details watchtowr.com labs.watchtowr.com
Attributes
Details Type #Events CTI Value
Details CVE 6 
cve-2023-41713
Details CVE 5 
cve-2023-39276
Details CVE 7 
cve-2023-39277
Details CVE 7 
cve-2023-39278
Details CVE 7 
cve-2023-39279
Details CVE 6 
cve-2023-39280
Details CVE 7 
cve-2023-41711
Details CVE 7 
cve-2023-41712
Details Domain 28 
psirt.global.sonicwall.com
Details File 4 
getbookmarklist.json
Details File 5 
sonicflow.csv
Details File 5 
appflowsessions.csv
Details File 1 
activationview.html
Details File 1 
activeconnectionsmonitor.html
Details File 1 
addafobjgroupdlg.html
Details File 1 
addantispamallowlistdlg.html
Details File 1 
addantispamrejectlistdlg.html
Details File 1 
igmpstate.xml
Details File 1 
accessrulestats.xml
Details File 4 
getpacketreplaydata.json
Details IPv4 1 
192.168.70.77
Details Url 1 
https://192.168.70.77:4433/api/sonicos/dynamic-file/igmpstate.xml
Details Url 1 
https://192.168.70.77:4433/api/sonicos/dynamic-file/accessrulestats.xml
Details Url 3 
https://psirt.global.sonicwall.com/vuln-detail/snwlid-2023-0012