GeneralInformation

Hostnames	net-2-37-71-231.cust.vodafonedsl.it
Domains	vodafonedsl.it
Country	Italy
City	Ponzano
Organization	Vodafone Italia S.p.A.
ISP	Vodafone Italia S.p.A.
ASN	AS30722

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-22707

4.3In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

CVE-2019-11072

7.5lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.

OpenPorts

123 2000 8081 8291 8880 8888

388818367 | 2024-04-27T12:41:13.737992

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -20
rootdelay: 0.0235595703125
rootdisp: 0.0192108154297
refid: 3251401448
reftime: 3923210255.94
poll: 0

-1538260461 | 2024-04-28T23:53:14.527441

2000 / tcp

\x01\x00\x00\x00

-1095091349 | 2024-04-21T14:33:54.173380

8081 / tcp

HTTP/1.0 401 Unauthorized
Content-type: text/html
Date: Sun, 21 Apr 2024 14:33:54 GMT
Connection: close
WWW-Authenticate: Digest realm="SERCOMM CPE Authentication",nonce="1226805875",algorithm="MD5",qop="auth"

<HEAD><TITLE>401 Unauthorized</TITLE></HEAD>
<BODY><H1>401 Unauthorized</H1>
The requested method needs authorization.
</BODY>

-1748625195 | 2024-04-28T02:59:20.632573

8291 / tcp

MikroTik Winbox:
  list:
    advtool.jg: 7.14.2
    dhcp.jg: 7.14.2
    hotspot.jg: 7.14.2
    icons.png: 7.14.2
    icons24.png: 
    icons32.png: 
    ipv6.jg: 7.14.2
    ppp.jg: 7.14.2
    roteros.jg: 7.14.2
    secure.jg: 7.14.2
    wave2.jg: 7.14.2
    wlan6.jg: 7.14.2

-345906261 | 2024-04-25T09:51:41.416985

8880 / tcp

HTTP/1.1 200 OK
Content-type: text/html; charset=UTF-8
Content-Length: 11066
Date: Thu, 25 Apr 2024 09:51:41 GMT
Server: lighttpd/1.4.53

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml" lang="en">
<head>
    <meta name="robots" content="index" />
    <meta name="robots" content="follow" />
    <meta name="language" content="English" />
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    <meta name="generator" content="DVSwitch" />
    <meta name="Author" content="Andrew Taylor (MW0MWZ), Waldek (SP2ONG)" />
    <meta name="Description" content="Dashboard based on Pi-Star Dashboard, © Andy Taylor (MW0MWZ) and adapted to DVSwitch by SP2ONG" />
    <meta name="KeyWords" content="MMDVM_Bridge,Analog_Bridge,ircDDBGateway,D-Star,ircDDB,DMRGateway,DMR,YSFGateway,YSF,C4FM,NXDNGateway,NXDN,P25Gateway,P25,DVSwitch,DL5DI,DG9VH,MW0MWZ,SP2ONG" />
    <meta http-equiv="cache-control" content="max-age=0" />
    <meta http-equiv="cache-control" content="no-cache, no-store, must-revalidate" />
    <meta http-equiv="expires" content="0" />
    <meta http-equiv="pragma" content="no-cache" />
<link rel="shortcut icon" href="images/favicon.ico" sizes="16x16 32x32" type="image/png">
    <title>DVSwitch Dashboard</title>
    <link rel="stylesheet" type="text/css" media="screen and (min-width: 830px)" href="css/css.php" />
    <link rel="stylesheet" type="text/css" media="screen and (max-width: 829px)" href="css/css-mini.php" />
    <script type="text/javascript" src="scripts/jquery.min.js"></script>
    <script type="text/javascript" src="scripts/functions.js"></script>
    <script type="text/javascript" src="scripts/pcm-player.min.js"></script>
    <script type="text/javascript">
      $.ajaxSetup({ cache: false });
    </script>
    <link href="css/featherlight.css" type="text/css" rel="stylesheet" />
    <script src="scripts/featherlight.js" type="text/javascript" charset="utf-8"></script>
</head>
<body style="background-color: #f8f8f8f8;font: 11pt arial, sans-serif;">
<center>
<fieldset style="box-shadow:0 0 10px #999; background-color:#fafafa; width:0px;margin-top:15px;margin-left:0px;margin-right:5px;font-size:13px;border-top-left-radius: 10px; border-top-right-radius: 10px;border-bottom-left-radius: 10px; border-bottom-right-radius: 10px;">
<div class="container"> 
<div class="header">
<center>
<h2>DVSwitch Dashboard</h2>
</center>
</div>
<div class="content"><center>
<div style="margin-top:8px;">
<button class="button link" onclick="playAudioToggle(7080, this)"><b>&nbsp;&nbsp;&nbsp;<img src=images/speaker.png alt="" style="vertical-align:middle">&nbsp;&nbsp;RX Monitor&nbsp;&nbsp;&nbsp;</b></button></div></center>
</div>
<table style="border:none; border-collapse:collapse; cellspacing:0; cellpadding:0; background-color:#fafafa;"><tr style="border:none;background-color:#fafafa;"><td width="200px" valign="top" class="hide" style="border:none;background-color:#fafafa;"><div class="nav">
<script type="text/javascript">
function reloadModeInfo(){
  $("#modeInfo").load("include/status.php",function(){ setTimeout(reloadModeInfo,1000) });
}
setTimeout(reloadModeInfo,1000);
$(window).trigger('resize');
</script>
<div id="modeInfo">
<span style="font-weight: bold;font-size:14px;">Status</span>
<fieldset style="background-color:#e8e8e8e8;width:160px;margin-top:6px;;margin-bottom:0px;margin-left:0px;margin-right:3px;font-size:12px;border-top-left-radius: 10px; border-top-right-radius: 10px;border-bottom-left-radius: 10px; border-bottom-right-radius: 10px;">
<table style="margin-top:4px;">
<tr><th colspan="2"><span style="font-size:13px;">Analog Bridge Info</span></th></tr>
<tr><th width=50%>Callsign</th><td style="background: #f9f9f9f9;color:#b44010;font-weight: bold;">IV3JDV</td></tr>
<tr><th width=50%>Mode</th><td style="background: #f9f9f9;font-weight: bold;color:#b44010;">DMR</td></tr>
<tr><th width=50%>Tx TG</th><td style="background: #f9f9f9;font-weight: bold;color:#ef7215;">9</td></tr>
<tr><th width=50%>AB ver</th><td style="background: #f9f9f9;">1.6.4</td></tr>
</table>
<br><table><tr><th colspan="2">TRX Info</th></tr><tr><td style="background:#0b0; color:#030;">Listening</td></tr></table>
<br />
<table>
<tr><th colspan="2">DMR Master</th></tr>
<tr><td  style="background: #ffffed;" colspan="2"><span style="color:#b5651d;font-weight: bold">192.168.100.63</span></td></tr>
</table>
<br />
<table>
<tr><th colspan="2">YSF Net</th></tr>
<tr><td colspan="2" style="background: #ffffed;"><span style="color:#b0b0b0;"><b>Not Linked</b></span></td></tr>
</table>
<br />
<table>
<tr><th colspan="2">P25 Net</th></tr>
<tr><td colspan="2" style="background: #ffffed;"><span style="color:#b0b0b0;"><b>Not Linked</b></span></td></tr>
</table>
<br />
<table>
<tr><th colspan="2">NXDN Net</th></tr>
<tr><td colspan="2" style="background: #ffffed;"><span style="color:#b0b0b0;"><b>Not Linked</b></span></td></tr>
</table>
<br />
<table>
<tr><th colspan="2">D-Star Net</th></tr>
<tr><th w

-593544155 | 2024-04-26T17:39:13.536081

8888 / tcp

HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 17:39:13 GMT
Server: Apache/2.4.58 (Win64) PHP/8.2.13 mod_fcgid/2.3.10-dev
X-Powered-By: PHP/8.2.13
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

2.37.71.231

Last Seen: 2024-04-28

GeneralInformation

Vulnerabilities

OpenPorts

388818367 | 2024-04-27T12:41:13.737992
123 / udp

-1538260461 | 2024-04-28T23:53:14.527441
2000 / tcp

MikroTik bandwidth-test server

-1095091349 | 2024-04-21T14:33:54.173380
8081 / tcp

-1748625195 | 2024-04-28T02:59:20.632573
8291 / tcp

MikroTik Winbox

-345906261 | 2024-04-25T09:51:41.416985
8880 / tcp

lighttpd1.4.53

-593544155 | 2024-04-26T17:39:13.536081
8888 / tcp

Apache httpd2.4.58

Products

Pricing

Contact Us

2.37.71.231

Last Seen: 2024-04-28

GeneralInformation

Vulnerabilities

OpenPorts

388818367 | 2024-04-27T12:41:13.737992 123 / udp

-1538260461 | 2024-04-28T23:53:14.527441 2000 / tcp

MikroTik bandwidth-test server

-1095091349 | 2024-04-21T14:33:54.173380 8081 / tcp

-1748625195 | 2024-04-28T02:59:20.632573 8291 / tcp

MikroTik Winbox

-345906261 | 2024-04-25T09:51:41.416985 8880 / tcp

lighttpd1.4.53

-593544155 | 2024-04-26T17:39:13.536081 8888 / tcp

Apache httpd2.4.58

Products

Pricing

Contact Us

388818367 | 2024-04-27T12:41:13.737992
123 / udp

-1538260461 | 2024-04-28T23:53:14.527441
2000 / tcp

-1095091349 | 2024-04-21T14:33:54.173380
8081 / tcp

-1748625195 | 2024-04-28T02:59:20.632573
8291 / tcp

-345906261 | 2024-04-25T09:51:41.416985
8880 / tcp

-593544155 | 2024-04-26T17:39:13.536081
8888 / tcp