GeneralInformation

Hostnames	blgparts.com bpm.eroterest.net cu.ptr163.ptrcloud.net widget-fun.com
Domains	blgparts.com eroterest.net ptrcloud.net widget-fun.com
Country	Japan
City	Hatsudai
Organization	DIX Co., Ltd.
ISP	GMO GlobalSign Holdings K.K.
ASN	AS131921

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-31629	6.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.
CVE-2022-31628	5.5In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.
CVE-2020-11579	7.5An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.
CVE-2019-9675	8.1An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible.
CVE-2019-9641	9.8An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.
CVE-2019-9640	7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.
CVE-2019-9639	7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.
CVE-2019-9638	7.5An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.
CVE-2019-9637	7.5An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.
CVE-2019-9024	7.5An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.
CVE-2019-9023	9.8An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.
CVE-2019-9022	7.5An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.2. dns_get_record misparses a DNS response, which can allow a hostile DNS server to cause PHP to misuse memcpy, leading to read operations going past the buffer allocated for DNS data. This affects php_parserr in ext/standard/dns.c for DNS_CAA and DNS_ANY queries.
CVE-2019-9021	9.8An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.
CVE-2019-9020	9.8An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.
CVE-2019-6977	8.8gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be exploited by an attacker who is able to trigger imagecolormatch calls with crafted image data.
CVE-2019-13224	9.8A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets handled by onig_new_deluxe(). Oniguruma issues often affect Ruby, as well as common optional libraries for PHP and Rust.
CVE-2019-11043	9.8In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
CVE-2019-11042	4.8When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
CVE-2019-11041	4.8When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
CVE-2019-11040	4.8When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash.
CVE-2019-11039	4.2Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash.
CVE-2019-11038	3.1When using the gdImageCreateFromXbm() function in the GD Graphics Library (aka LibGD) 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized variable. This may lead to disclosing contents of the stack that has been left there by previous code.
CVE-2019-11036	4.8When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
CVE-2019-11035	4.8When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.
CVE-2019-11034	4.8When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash.
CVE-2018-20783	7.5In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.
CVE-2018-19935	7.5ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty string in the message argument to the imap_mail function.
CVE-2018-19518	7.5University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a "-oProxyCommand" argument.
CVE-2018-19396	7.5ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class.
CVE-2018-19395	7.5ext/standard/var.c in PHP 5.x through 7.1.24 on Windows allows attackers to cause a denial of service (NULL pointer dereference and application crash) because com and com_safearray_proxy return NULL in com_properties_get in ext/com_dotnet/com_handlers.c, as demonstrated by a serialize call on COM("WScript.Shell").
CVE-2018-17082	6.1The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
CVE-2018-15132	7.5An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn't implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories.
CVE-2018-14883	7.5An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
CVE-2018-14851	5.5exif_process_IFD_in_MAKERNOTE in ext/exif/exif.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG file.
CVE-2018-10549	8.8An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character.
CVE-2018-10548	7.5An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
CVE-2018-10547	6.1An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.
CVE-2018-10546	7.5An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences.
CVE-2017-8923	9.8The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative length, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact by leveraging a script's use of .= with a long string.
CVE-2015-9253	6.5An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. The php-fpm master process restarts a child process in an endless loop when using program execution functions (e.g., passthru, exec, shell_exec, or system) with a non-blocking STDIN stream, causing this master process to consume 100% of the CPU, and consume disk space with a large volume of error logs, as demonstrated by an attack by a customer of a shared-hosting facility.
CVE-2013-2220	Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.
CVE-2007-3205	The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

80 443 8080

428234114 | 2024-04-15T02:16:25.465704

80 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 15 Apr 2024 02:16:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.16
Set-Cookie: PHPSESSID=3ed5c252bfee0fde9e2ac03c5b70f186; expires=Wed, 15-Apr-2026 02:16:25 GMT; Max-Age=63072000; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

-378081351 | 2024-04-09T10:46:26.139947

443 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 09 Apr 2024 10:46:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.16
Set-Cookie: PHPSESSID=d741b2ba2c14bff26c52006da0034182; expires=Sun, 08-Apr-2029 10:46:25 GMT; Max-Age=157680000; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:67:66:43:4d:bd:87:07:b8:95:8f:9f:dd:d7:1b:da:be:2a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  7 21:00:49 2024 GMT
            Not After : Jul  6 21:00:48 2024 GMT
        Subject: CN=blgparts.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ef:6f:55:bb:20:6f:d3:c4:c2:f1:4e:72:6d:99:
                    c2:70:ff:24:4c:bc:31:9d:d7:dd:ab:17:20:96:c3:
                    7e:e8:8e:d2:70:50:37:47:1a:91:78:cb:18:d7:71:
                    27:b2:23:ee:11:23:7f:f8:e8:c5:dc:95:bd:7d:22:
                    e1:50:e8:71:58:06:3d:81:ce:23:7c:13:5f:88:1c:
                    16:94:78:db:e5:ec:6f:62:aa:fa:c1:b1:47:e4:2c:
                    f0:bd:c9:71:84:31:48:95:23:77:2a:59:f9:5c:fb:
                    97:b7:98:23:28:32:32:8e:7e:1d:bc:f4:05:d9:a3:
                    db:78:25:b6:8e:2c:5e:91:d7:3a:86:a4:04:f9:c6:
                    a4:0a:4b:08:56:51:60:6a:83:24:68:20:10:e2:74:
                    78:19:ea:62:fd:25:d6:e6:8f:96:ec:b4:fc:8d:14:
                    57:fe:d3:9c:7f:59:82:f3:f2:70:23:9a:ac:cc:e7:
                    dd:4d:e4:01:a3:78:08:67:86:26:7f:c9:ec:74:dc:
                    43:3b:36:fe:0f:c1:7d:a9:05:d7:c2:c6:d8:34:40:
                    b8:24:a8:d9:8b:9c:7e:42:b7:cd:4f:84:ea:ff:2c:
                    85:78:55:27:9d:35:7a:6e:31:a7:ad:70:5e:4b:8e:
                    31:80:93:30:ca:63:aa:d0:ed:89:f5:ca:07:48:d0:
                    f6:c3
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                22:6F:37:29:BF:A9:8E:E1:5C:5D:83:33:29:09:A0:39:24:C2:06:5F
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:blgparts.com, DNS:bpm.eroterest.net, DNS:widget-fun.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Apr  7 22:00:49.678 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:AB:BE:C8:30:58:80:1A:67:FB:00:10:
                                BC:1F:27:F7:E6:C3:08:B0:90:6A:BD:7D:A1:0C:C1:ED:
                                8C:48:B4:BD:2A:02:21:00:B1:0C:A6:E2:5C:8F:68:B1:
                                D4:FE:3A:3C:B1:55:6A:35:92:87:A4:A1:F7:85:77:34:
                                AA:45:C1:41:43:7F:94:F6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : DF:E1:56:EB:AA:05:AF:B5:9C:0F:86:71:8D:A8:C0:32:
                                4E:AE:56:D9:6E:A7:F5:A5:6A:01:D1:C1:3B:BE:52:5C
                    Timestamp : Apr  7 22:00:49.878 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:5C:1F:18:88:76:65:B7:6F:4B:50:78:9D:
                                FA:9B:39:C3:D6:20:02:08:45:B0:95:F4:C8:3C:14:CC:
                                CB:05:5E:86:02:20:2E:B4:7A:02:74:C9:5F:21:4F:D3:
                                0B:4E:24:5B:1A:80:DB:AA:29:90:BF:8C:24:9A:69:E0:
                                C4:20:9E:E6:41:A3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        b5:8f:9f:02:f9:05:fe:80:b8:5a:c9:e9:64:5c:9b:49:2c:f8:
        53:26:98:00:05:19:73:ed:70:d5:37:d8:b3:20:3c:00:15:a1:
        e6:c3:3d:f5:92:e2:f3:34:bd:e4:92:6d:ef:c5:fc:49:f8:eb:
        9f:5e:4d:70:b7:ca:7b:4b:df:f7:a6:39:c2:49:d4:cf:a3:45:
        6e:df:eb:07:2c:1f:56:a8:89:d3:35:7a:8c:f8:9e:04:13:1c:
        96:d6:41:f3:67:1a:15:ff:7a:82:66:0a:66:49:21:a5:ad:b2:
        cc:f5:a4:1d:13:b5:1f:d6:7f:70:73:ee:b3:d6:4f:d2:93:aa:
        0c:91:1c:e9:3f:cd:67:7e:8f:19:b9:86:83:c2:a8:d7:87:03:
        77:1e:81:91:2d:bd:10:94:9a:e1:25:5c:89:e5:9f:37:0a:b7:
        2e:b7:2d:21:14:7a:60:c6:3c:a4:1b:94:11:19:7b:69:d4:c3:
        6a:3e:76:c8:93:75:bf:f4:92:fb:4d:4c:e6:37:e6:d7:70:d1:
        c6:ed:ed:fe:12:d9:d0:c7:39:61:11:f2:ae:c0:a2:53:92:73:
        f3:e1:39:31:ed:f6:cf:c3:a7:e4:d5:cf:55:71:2f:81:e1:93:
        d0:0b:c4:b8:80:ee:74:ee:69:94:d0:34:8d:f5:9f:1d:f9:bd:
        b4:d8:e3:6c

1057370923 | 2024-04-09T23:31:53.343682

8080 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 09 Apr 2024 23:31:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.16
Set-Cookie: PHPSESSID=aabc594f3f07e56b57d18577ebdea2bc; expires=Sun, 08-Apr-2029 23:31:52 GMT; Max-Age=157680000; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache

153.122.97.200

Last Seen: 2024-04-15

GeneralInformation

Vulnerabilities

OpenPorts

428234114 | 2024-04-15T02:16:25.465704
80 / tcp

nginx

-378081351 | 2024-04-09T10:46:26.139947
443 / tcp

nginx

1057370923 | 2024-04-09T23:31:53.343682
8080 / tcp

nginx

Products

Pricing

Contact Us

153.122.97.200

Last Seen: 2024-04-15

GeneralInformation

Vulnerabilities

OpenPorts

428234114 | 2024-04-15T02:16:25.465704 80 / tcp

nginx

-378081351 | 2024-04-09T10:46:26.139947 443 / tcp

nginx

1057370923 | 2024-04-09T23:31:53.343682 8080 / tcp

nginx

Products

Pricing

Contact Us

428234114 | 2024-04-15T02:16:25.465704
80 / tcp

-378081351 | 2024-04-09T10:46:26.139947
443 / tcp

1057370923 | 2024-04-09T23:31:53.343682
8080 / tcp