GeneralInformation

Hostnames	103-7-59-66.ptr.pop-idc.com stats.in.th
Domains	pop-idc.com stats.in.th
Country	Thailand
City	Bangkok
Organization	POPIDC1 powered by CSLoxinfo
ISP	POPIDC powered by CSLoxinfo
ASN	AS131447

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2019-11072	9.8lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.
CVE-2018-19052	7.5An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
CVE-2015-4000	4.3The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to conduct cipher-downgrade attacks by rewriting a ClientHello with DHE replaced by DHE_EXPORT and then rewriting a ServerHello with DHE_EXPORT replaced by DHE, aka the "Logjam" issue.
CVE-2015-0204	4.3The ssl3_get_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8zd, 1.0.0 before 1.0.0p, and 1.0.1 before 1.0.1k allows remote SSL servers to conduct RSA-to-EXPORT_RSA downgrade attacks and facilitate brute-force decryption by offering a weak ephemeral RSA key in a noncompliant role, related to the "FREAK" issue. NOTE: the scope of this CVE is only client code based on OpenSSL, not EXPORT_RSA issues associated with servers or other TLS implementations.

OpenPorts

80 111 161 443 8443

488873248 | 2024-04-12T17:58:47.473781

80 / tcp

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
ETag: "791492610"
Last-Modified: Mon, 22 Oct 2007 12:13:49 GMT
Content-Length: 844
Date: Fri, 12 Apr 2024 17:58:47 GMT
Server: lighttpd/1.4.39

-1840820242 | 2024-04-13T20:04:24.979309

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	2	tcp	111
portmapper	2	udp	111
status	1	udp	804
status	1	tcp	807
rquotad	1	udp	652
rquotad	2	udp	652
rquotad	1	tcp	655
rquotad	2	tcp	655
nfs	2	udp	2049
nfs	3	udp	2049
nfs	4	udp	2049
nlockmgr	1	udp	42016
nlockmgr	3	udp	42016
nlockmgr	4	udp	42016
nfs	2	tcp	2049
nfs	3	tcp	2049
nfs	4	tcp	2049
nlockmgr	1	tcp	40203

-1002040231 | 2024-04-09T04:11:17.281904

161 / udp

SNMP:
  Versions:
    3
  Engine Boots: 20
  Engineid Data: 80001f88805096205c0c9d084e00000000
  Enterprise: 8072
  Engine Time: 727 days, 1:26:10

488873248 | 2024-04-13T21:48:21.133773

443 / tcp

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
ETag: "791492610"
Last-Modified: Mon, 22 Oct 2007 12:13:49 GMT
Content-Length: 844
Date: Sat, 13 Apr 2024 21:48:20 GMT
Server: lighttpd/1.4.39

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            39:26:66:f7:69:77:64:44:7f:20:0c:e2:64:f8:c5:61
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=GB, ST=Greater Manchester, L=Salford, O=Sectigo Limited, CN=Sectigo RSA Domain Validation Secure Server CA
        Validity
            Not Before: Jul  8 00:00:00 2019 GMT
            Not After : Sep  5 23:59:59 2021 GMT
        Subject: OU=Domain Control Validated, OU=PositiveSSL Wildcard, CN=*.stats.in.th
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:62:97:de:23:cf:9e:98:fc:5a:ba:95:83:be:
                    2a:bf:1b:57:9a:6a:b4:69:83:b9:46:f1:97:db:34:
                    2c:ee:7f:e1:c1:7f:88:c9:8b:d5:aa:53:3a:bf:7c:
                    cb:64:1f:64:ac:42:60:f2:7a:52:b7:6d:03:3b:1a:
                    e4:bf:e9:cb:88:bc:d8:97:2e:dd:bf:4a:a1:d6:b3:
                    d9:14:af:7c:f3:d4:f9:ac:e8:31:87:38:a9:f1:26:
                    33:cf:ce:ab:20:92:a6:f3:fd:8d:cd:d6:5d:a8:51:
                    a7:bc:8e:43:27:d0:56:43:7b:bb:e8:00:f3:7f:f0:
                    1c:b9:74:af:a2:4f:fd:4f:04:9e:47:dc:33:73:32:
                    85:27:2d:01:88:c5:62:6a:7c:4b:d7:cf:8f:46:18:
                    15:3e:4c:0b:0d:c1:b8:42:10:a2:04:49:fa:2a:77:
                    4c:64:18:c6:7d:4b:8e:04:18:9b:90:b1:c6:8e:3f:
                    8b:37:9c:2c:54:64:30:a1:a4:85:cf:5d:72:b9:be:
                    74:95:ad:31:0c:dc:4e:73:04:2e:46:6b:d9:8b:55:
                    e4:d1:98:73:cb:36:49:b4:a9:f4:9c:10:38:9c:94:
                    ed:13:42:3b:b7:8f:64:68:f0:49:2e:78:07:2d:fa:
                    22:94:dd:4a:7b:dd:51:b0:0c:f1:dc:9a:2d:9a:29:
                    8d:c9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                8D:8C:5E:C4:54:AD:8A:E1:77:E9:9B:F9:9B:05:E1:B8:01:8D:61:E1
            X509v3 Subject Key Identifier: 
                5F:D6:E3:71:0C:75:76:77:2C:29:14:B9:E5:F1:87:A3:FB:BE:59:C2
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.7
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.sectigo.com/SectigoRSADomainValidationSecureServerCA.crt
                OCSP - URI:http://ocsp.sectigo.com
            X509v3 Subject Alternative Name: 
                DNS:*.stats.in.th, DNS:stats.in.th
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : BB:D9:DF:BC:1F:8A:71:B5:93:94:23:97:AA:92:7B:47:
                                38:57:95:0A:AB:52:E8:1A:90:96:64:36:8E:1E:D1:85
                    Timestamp : Jul  8 10:27:40.702 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:4E:27:98:BD:00:A3:38:DA:B7:E5:CB:7A:
                                77:50:2A:EE:1A:DF:34:EB:55:7F:5F:39:60:B4:CC:44:
                                D3:E8:E3:4C:02:20:69:BA:9B:2F:EA:CB:25:01:D7:43:
                                3A:19:A4:7C:C4:C3:DD:46:60:78:C9:13:1A:25:04:FA:
                                CC:99:7B:B8:02:0D
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 44:94:65:2E:B0:EE:CE:AF:C4:40:07:D8:A8:FE:28:C0:
                                DA:E6:82:BE:D8:CB:31:B5:3F:D3:33:96:B5:B6:81:A8
                    Timestamp : Jul  8 10:27:40.813 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5A:25:FA:22:96:05:D5:12:B8:D2:C7:D2:
                                AF:72:3A:E9:14:C2:ED:81:EF:7B:23:90:F1:07:93:16:
                                6B:7E:B6:1E:02:20:19:28:61:3B:17:AD:5C:89:07:AF:
                                80:F7:C9:6A:6C:88:53:52:5D:96:55:82:7B:CF:6B:AC:
                                11:AA:97:A5:2E:41
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 6F:53:76:AC:31:F0:31:19:D8:99:00:A4:51:15:FF:77:
                                15:1C:11:D9:02:C1:00:29:06:8D:B2:08:9A:37:D9:13
                    Timestamp : Jul  8 10:27:40.833 2019 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:91:3E:A2:6E:A3:B5:34:3B:3E:97:45:
                                CA:33:86:40:27:52:02:47:3B:71:01:F7:8C:3F:2E:31:
                                20:13:92:CF:E8:02:20:1C:72:8D:61:14:1B:6D:EE:6B:
                                76:35:82:F2:A9:A2:4C:04:94:5A:03:C2:A4:F5:C3:FD:
                                44:10:35:64:0C:5D:60
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        ce:23:0b:25:e6:f8:81:3f:73:6b:c2:f0:a0:c9:36:4a:ac:5a:
        69:3b:2d:05:85:96:92:2b:e6:ff:c2:8a:f2:be:bf:b7:e1:22:
        cc:58:3f:fd:b0:29:3e:e5:33:b7:84:f0:0c:6d:d4:5a:46:f0:
        3f:f6:d4:c1:fe:3e:8a:7a:3c:9e:a9:f8:3e:20:e3:5d:d8:c4:
        8f:33:7c:aa:86:5b:b1:91:a5:b8:3c:06:51:9d:fa:96:20:65:
        0d:33:dc:e5:74:59:23:2a:7d:7d:01:76:1f:f6:55:4f:83:84:
        c4:fc:2a:48:20:db:f5:af:88:9a:5f:27:93:5e:63:52:67:4a:
        5b:7f:a8:73:99:7d:de:f1:d0:e9:29:fa:6e:97:67:5d:88:dc:
        23:96:83:41:f2:09:f2:8a:f5:2e:01:88:23:43:53:55:aa:f6:
        00:ed:12:c2:e7:be:c0:79:b6:4b:46:08:dc:d0:f4:6d:f7:6a:
        d1:ce:44:b0:34:5b:13:c6:89:12:2d:cd:76:28:13:69:54:ca:
        39:1c:49:34:52:04:47:c1:32:80:be:e6:fa:a1:ab:65:7a:a0:
        07:4e:b0:59:84:e2:02:16:94:89:21:3b:fb:0b:e4:a4:86:bc:
        8f:18:39:51:a2:6b:43:9b:55:19:e3:ef:fa:6a:48:d9:9e:ca:
        5e:9d:e5:38

-1427440064 | 2024-04-18T04:56:02.001594

8443 / tcp

HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 11:56:01 GMT
Server: Mbedthis-Appweb/2.4.2
Cache-control: no-cache="set-cookie"
Content-type: text/html
ETag: "2f20b08-3e1-0"
Content-length: 830
Connection: keep-alive
Keep-Alive: timeout=60, max=2000
Set-Cookie: _appwebSessionId_=b005b80c51e119d18d0bcbac2521509a; path=/; secure

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=Texas, L=Round Rock, O=Dell Inc., OU=Remote Access Group, CN=iDRAC6 default certificate
        Validity
            Not Before: Sep 17 22:47:28 2009 GMT
            Not After : Sep 15 22:47:28 2019 GMT
        Subject: C=US, ST=Texas, L=Round Rock, O=Dell Inc., OU=Remote Access Group, CN=iDRAC6 default certificate
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:e6:fd:b6:b0:ee:7c:7b:57:f4:46:4f:a2:db:d5:
                    0b:54:31:09:d1:5e:d6:4c:48:ca:87:8b:7a:07:20:
                    66:1c:ca:1f:ce:b6:40:e4:f3:5e:05:88:72:b6:49:
                    6d:b8:f6:7c:6e:af:f9:45:5d:e2:85:93:42:0f:14:
                    6d:24:22:a1:27:b8:21:84:d0:ca:e8:2b:c7:24:72:
                    05:8a:20:6b:1a:19:86:8d:3e:0e:c7:6a:88:5c:2b:
                    57:3f:a0:d5:39:68:5f:1b:4d:5e:69:aa:73:2f:c5:
                    82:a2:7f:cf:85:d3:f1:50:eb:51:35:c1:3a:3a:60:
                    73:8d:87:80:55:cc:23:06:91
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                42:D1:C2:48:DC:A9:52:58:DB:03:16:3C:E5:5E:34:C0:FC:20:4E:D9
            X509v3 Authority Key Identifier: 
                keyid:42:D1:C2:48:DC:A9:52:58:DB:03:16:3C:E5:5E:34:C0:FC:20:4E:D9
                DirName:/C=US/ST=Texas/L=Round Rock/O=Dell Inc./OU=Remote Access Group/CN=iDRAC6 default certificate
                serial:01
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        b6:e9:80:db:1a:a2:83:06:96:f5:d7:c3:a8:2f:ad:ce:24:2d:
        91:6e:28:24:ea:d8:09:e2:dd:4c:9f:cd:8d:d8:84:e2:45:1e:
        cc:ff:6d:d9:08:fb:be:08:af:6c:cb:34:d4:3f:bc:59:b3:e2:
        e0:74:1a:57:9b:8c:e7:ca:73:8e:87:91:fa:5d:54:00:42:9d:
        57:fa:ec:ea:35:bd:7a:38:04:2d:11:eb:68:c4:72:3e:b0:b7:
        b8:2b:69:a6:32:ee:40:41:05:d5:f2:c7:af:b0:3b:e7:a5:b5:
        c6:86:20:fa:e4:69:ee:ba:89:2a:a5:23:c4:0c:68:07:a5:7f:
        6c:70

103.7.59.66

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

488873248 | 2024-04-12T17:58:47.473781
80 / tcp

lighttpd1.4.39

-1840820242 | 2024-04-13T20:04:24.979309
111 / tcp

-1002040231 | 2024-04-09T04:11:17.281904
161 / udp

net-snmp

488873248 | 2024-04-13T21:48:21.133773
443 / tcp

lighttpd1.4.39

-1427440064 | 2024-04-18T04:56:02.001594
8443 / tcp

Mbedthis Appweb2.4.2

Products

Pricing

Contact Us

103.7.59.66

Last Seen: 2024-04-18

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

488873248 | 2024-04-12T17:58:47.473781 80 / tcp

lighttpd1.4.39

-1840820242 | 2024-04-13T20:04:24.979309 111 / tcp

-1002040231 | 2024-04-09T04:11:17.281904 161 / udp

net-snmp

488873248 | 2024-04-13T21:48:21.133773 443 / tcp

lighttpd1.4.39

-1427440064 | 2024-04-18T04:56:02.001594 8443 / tcp

Mbedthis Appweb2.4.2

Products

Pricing

Contact Us

488873248 | 2024-04-12T17:58:47.473781
80 / tcp

-1840820242 | 2024-04-13T20:04:24.979309
111 / tcp

-1002040231 | 2024-04-09T04:11:17.281904
161 / udp

488873248 | 2024-04-13T21:48:21.133773
443 / tcp

-1427440064 | 2024-04-18T04:56:02.001594
8443 / tcp