New Tags
CVE-2021-26912 | CVE-2021-26913 | CVE-2021-26914 | CVE-2021-26915
Tag: NetMotion Mobility Server RCE Attempt [Intention: Malicious]
- This IP address has been observed attempting to exploit a deserialization vulnerability in NetMotion Mobility Server that can lead to remote code execution.
- Sources: NIST [1, 2 , 3, 4], SSD Disclosure
- See it on GreyNoise Viz
CVE-2021-21402
Tag: Jellyfin File Disclosure [Intention: Malicious]
- This IP address has been observed attempting to use CVE-2021-21402, an arbitrary file disclosure vulnerability in Jellyfin media server.
- Source: GitHub SecurityLab
- See it on GreyNoise Viz
CVE-2021-28799
Tag: QNAP walter SSH Backdoor Attempt [Intention: Malicious]
- This IP address has been observed attempting to connect using the username and password 'walter,' which are hardcoded backdoor SSH credentials that exist in some QNAP devices.
- Source: QNAP, QNAP Forum
- See it on GreyNoise Viz
CVE-2021-30461
Tag: VoIPmonitor Unauthenticated RCE Attempt [Intention: Malicious]
- This IP address has been observed attempting to exploit CVE-2021-30461, an unauthenticated command execution vulnerability in VoIPmonitor software.
- Source: NIST, SSD Disclosure
- See it on GreyNoise Viz
Tag Improvements
As part of our process, our research team continues to clean up and improve on existing tags as new information or better processes are introduced.
Tag: RDP Bruteforcer [Intention: Malicious]
- This IP address has been observed attempting to brute-force Microsoft Remote Desktop credentials.
- Source: Microsoft [1, 2]
- See it on GreyNoise Viz
Recent Integrations
Rapid 7 InsightConnect: Supports Enterprise API and Community API access.
CORTEX XSOAR: Supports Enterprise API and Community API access.
This article is a summary of the full, in-depth version on the GreyNoise Labs blog.
Read the full report
Be part of the conversation in our Community Slack group.
Follow us and don’t miss a thing.
.png)
