GeneralInformation

Country	China
City	Nanjing
Organization	Chinanet Jiangsu Province Network
ISP	CHINANET-BACKBONE
ASN	AS4134
Operating System	Ubuntu

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

53 1701 2121 8888 9000

-553166942 | 2024-05-02T21:35:32.535534

53 / tcp

Recursion: enabled

-659284824 | 2024-04-25T11:41:23.909153

1701 / udp

\xc8\x02\x00^\x00\x00\x00\x00\x00\x00\x00\x01\x80\x08\x00\x00\x00\x00\x00\x02\x80\x08\x00\x00\x00\x02\x01\x00\x80\n\x00\x00\x00\x03\x00\x00\x00\x01\x80\n\x00\x00\x00\x04\x00\x00\x00\x00\x00\x08\x00\x00\x00\x06\x00\x01\x80\x08\x00\x00\x00\x0766\x00\x0e\x00\x00\x00\x08MikroTik\x80\x08\x00\x00\x00\ti^\x80\x08\x00\x00\x00\n\x00\x04

1601583941 | 2024-04-30T12:29:47.289419

2121 / tcp

220 66 FTP server (MikroTik 6.43.8) ready
530 Login incorrect
500 'HELP': command not understood
500 'FEAT': command not understood

854015141 | 2024-04-27T12:55:06.896804

8888 / tcp

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 7066
Content-Type: text/html
Date: Sat, 27 Apr 2024 12:55:06 GMT
Expires: 0


MikroTik RouterOS:
  Version: 6.43.8

1242377812 | 2024-05-07T17:09:56.260366

9000 / tcp

HTTP/1.1 407 Proxy Authentication Required
Server: nginx/1.18.0 (Ubuntu)
Date: Tue, 07 May 2024 17:09:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Proxy-Authenticate: Basic realm="Test Authentication System"

114.239.173.239

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-553166942 | 2024-05-02T21:35:32.535534
53 / tcp

-659284824 | 2024-04-25T11:41:23.909153
1701 / udp

1601583941 | 2024-04-30T12:29:47.289419
2121 / tcp

MikroTik router ftpd6.43.8

854015141 | 2024-04-27T12:55:06.896804
8888 / tcp

1242377812 | 2024-05-07T17:09:56.260366
9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

114.239.173.239

Last Seen: 2024-05-07

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-553166942 | 2024-05-02T21:35:32.535534 53 / tcp

-659284824 | 2024-04-25T11:41:23.909153 1701 / udp

1601583941 | 2024-04-30T12:29:47.289419 2121 / tcp

MikroTik router ftpd6.43.8

854015141 | 2024-04-27T12:55:06.896804 8888 / tcp

1242377812 | 2024-05-07T17:09:56.260366 9000 / tcp

nginx1.18.0

Products

Pricing

Contact Us

-553166942 | 2024-05-02T21:35:32.535534
53 / tcp

-659284824 | 2024-04-25T11:41:23.909153
1701 / udp

1601583941 | 2024-04-30T12:29:47.289419
2121 / tcp

854015141 | 2024-04-27T12:55:06.896804
8888 / tcp

1242377812 | 2024-05-07T17:09:56.260366
9000 / tcp