GeneralInformation

Hostnames	d172-218-186-243.bchsia.telus.net
Domains	telus.net
Country	Canada
City	Nelson
Organization	TELUS-FIBRE-PGRGBC01
ISP	TELUS Communications Inc.
ASN	AS852
Operating System	Windows (build 10.0.19041)

WebTechnologies

JavaScript libraries

jQuery3.0.0

jQuery UI1.11.4

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-23064	Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2019-11072	7.5lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.
CVE-2018-19052	5.0An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
CVE-2016-10707	5.0jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit.

OpenPorts

554 2222 3389 8080 44818

-1021419664 | 2024-04-15T10:27:08.890417

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Date: Mon, Apr 15 2024 10:27:08 GMT
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, PLAY, PAUSE, GET_PARAMETER, SET_PARAMETER

328075717 | 2024-05-02T00:17:48.670860

2222 / tcp

CSPV4
Session ID: 77824

212042568 | 2024-05-04T09:08:45.378440

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 10 (version 2004)/Windows Server (version 2004)
  OS Build: 10.0.19041
  Target Name: PUNDIT
  NetBIOS Domain Name: PUNDIT
  NetBIOS Computer Name: PUNDIT
  DNS Domain Name: Pundit
  FQDN: Pundit

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            25:fc:8c:a9:7e:3e:38:b8:4d:9a:c0:96:2b:14:dd:1f
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=Pundit
        Validity
            Not Before: Feb 13 17:51:40 2024 GMT
            Not After : Aug 14 17:51:40 2024 GMT
        Subject: CN=Pundit
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d8:ec:73:91:ab:43:d4:f4:6c:2f:41:3e:8c:97:
                    3f:a5:98:26:fe:4b:0b:fa:e5:37:33:96:37:21:a9:
                    02:de:f1:19:81:67:6a:17:7c:b3:cc:46:cc:7d:e7:
                    2a:0b:7d:ce:13:26:30:fd:40:de:f3:f7:2a:ca:93:
                    49:f3:38:3b:29:64:f9:4b:3f:86:35:1a:c7:aa:a2:
                    ea:36:5f:63:80:f3:a0:23:1f:e4:c7:1a:c2:31:4b:
                    46:72:92:a6:ba:ab:98:ea:46:05:a9:dc:62:b3:2e:
                    60:42:98:08:d3:14:6b:d5:53:0d:2f:33:07:db:bd:
                    51:9e:39:e6:8a:2a:7a:12:20:e1:57:2f:ea:5e:e0:
                    43:c1:28:9c:93:d2:d0:fd:61:89:4f:78:df:96:97:
                    fa:b5:dd:4b:6c:96:a3:4b:b9:8e:62:a8:19:15:6a:
                    6e:d0:aa:0c:4c:94:c6:28:52:a8:df:20:19:8b:95:
                    3f:b5:cf:8f:81:bf:8d:40:99:a0:d3:5e:5f:6f:2a:
                    37:e2:81:40:ff:9b:35:dc:8f:cd:30:9a:55:d8:26:
                    27:36:e0:1c:75:16:27:42:d4:dd:d9:a3:e2:3f:dc:
                    1b:23:91:42:96:4f:fa:fb:99:50:e6:d5:6b:b2:a9:
                    32:26:55:e0:1d:a7:85:38:89:8b:d1:7f:9e:ea:da:
                    74:31
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        88:e0:a2:e5:f6:6f:a3:ba:75:f1:98:ec:5f:b1:90:88:58:aa:
        f4:8a:2e:13:f4:ec:4b:d3:89:45:5b:33:0d:c3:71:59:9f:20:
        25:2e:d9:d4:11:c5:6f:02:d3:30:eb:c0:5c:07:81:87:f4:50:
        30:64:b0:71:03:9f:b9:20:61:48:18:39:08:1e:df:e4:dc:58:
        11:ec:6e:37:3b:66:fb:16:e0:50:bd:7f:7d:3d:8d:58:8a:85:
        8f:5d:b5:d8:0f:12:9b:ba:47:e4:aa:da:7b:2a:3f:d5:72:e0:
        9b:56:e3:ba:65:b1:80:1c:60:85:60:2b:0a:c9:71:5a:de:9e:
        da:bc:a4:51:22:85:b3:3a:7c:35:25:80:3e:41:21:73:e7:17:
        c0:4e:45:ce:77:58:d2:c9:37:9c:f2:5f:24:ec:e7:f7:5f:a6:
        38:4d:b7:77:2a:f2:ba:9a:94:26:aa:01:64:8b:6d:e0:60:4b:
        cc:36:dc:6d:cb:48:c8:76:2f:04:a6:8a:54:bb:73:4e:8a:97:
        5e:11:ea:5f:50:dc:51:ff:b1:48:6c:b0:80:f5:e9:78:63:af:
        d4:a5:96:50:53:ca:d5:66:78:20:85:e8:f4:be:2a:e3:37:64:
        b5:75:58:da:c3:0c:a5:e9:28:12:5e:62:cb:96:51:07:5f:18:
        49:f5:ce:94

114772997 | 2024-04-30T20:16:15.637680

8080 / tcp

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1827082912"
Last-Modified: Tue, 07 Sep 2021 19:16:13 GMT
Content-Length: 40730
Date: Tue, 30 Apr 2024 20:16:15 GMT
Server: lighttpd/1.4.45

-110985376 | 2024-04-29T20:35:45.599539

44818 / tcp

Product name: 1747-L551/C C/9 - DC 3.33 
Vendor ID: Rockwell Automation/Allen-Bradley
Serial number: 0xbc3022af
Device type: Communications Adapter
Device IP: 192.168.1.105

-110985376 | 2024-04-10T16:12:03.403564

44818 / udp

Product name: 1747-L551/C C/9 - DC 3.33 
Vendor ID: Rockwell Automation/Allen-Bradley
Serial number: 0xbc3022af
Device type: Communications Adapter
Device IP: 192.168.1.105

172.218.186.243

Last Seen: 2024-05-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1021419664 | 2024-04-15T10:27:08.890417
554 / tcp

328075717 | 2024-05-02T00:17:48.670860
2222 / tcp

212042568 | 2024-05-04T09:08:45.378440
3389 / tcp

Remote Desktop Protocol

114772997 | 2024-04-30T20:16:15.637680
8080 / tcp

lighttpd1.4.45

-110985376 | 2024-04-29T20:35:45.599539
44818 / tcp

Rockwell Automation/Allen-Bradley1747-L551/C C/9 - DC 3.33

-110985376 | 2024-04-10T16:12:03.403564
44818 / udp

Products

Pricing

Contact Us

172.218.186.243

Last Seen: 2024-05-04

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-1021419664 | 2024-04-15T10:27:08.890417 554 / tcp

328075717 | 2024-05-02T00:17:48.670860 2222 / tcp

212042568 | 2024-05-04T09:08:45.378440 3389 / tcp

Remote Desktop Protocol

114772997 | 2024-04-30T20:16:15.637680 8080 / tcp

lighttpd1.4.45

-110985376 | 2024-04-29T20:35:45.599539 44818 / tcp

Rockwell Automation/Allen-Bradley1747-L551/C C/9 - DC 3.33

-110985376 | 2024-04-10T16:12:03.403564 44818 / udp

Products

Pricing

Contact Us

-1021419664 | 2024-04-15T10:27:08.890417
554 / tcp

328075717 | 2024-05-02T00:17:48.670860
2222 / tcp

212042568 | 2024-05-04T09:08:45.378440
3389 / tcp

114772997 | 2024-04-30T20:16:15.637680
8080 / tcp

-110985376 | 2024-04-29T20:35:45.599539
44818 / tcp

-110985376 | 2024-04-10T16:12:03.403564
44818 / udp