GeneralInformation

Country	China
City	Hefei
Organization	CHINANET Anhui province network
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript libraries

jQuery3.4.1

Select2

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-23064	Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

OpenPorts

161 1723 7547 8081 8082 8084 8086 8087 8443 8888 9090 9092

-2010578328 | 2024-05-15T14:37:08.036973

161 / udp

SNMP:
  Versions:
    1
    3
  Engineid Format: mac
  Engine Boots: 34
  Engineid Data: 54:16:51:5c:fc:8e
  Enterprise: 4881
  Engine Time: 1 day, 4:04:45

13680384 | 2024-05-09T15:35:07.830988

1723 / tcp

PPTP:
  Firmware: 256
  Hostname: Ruijie
  Vendor: Ruijie General Operation System

-1759155114 | 2024-05-07T08:51:57.563887

7547 / tcp

HTTP/1.1 200 OK
Server: RG/Device 10.x
Content-Type: text/xml; charset=utf-8
Content-Length: 0
Connection: keep-alive

192235134 | 2024-04-23T19:35:10.345337

8081 / tcp

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 796
Date: Tue, 23 Apr 2024 19:35:09 GMT

<!doctype html><html lang="en"><head><title>HTTP Status 404 – Not Found</title><style type="text/css">h1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} h2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} h3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} body {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} b {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} p {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;} a {color:black;} a.name {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP Status 404 – Not Found</h1></body></html>

2075359437 | 2024-05-03T03:01:15.643779

8082 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.20.1
Date: Fri, 03 May 2024 03:01:13 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.20.1</center>
</body>
</html>

1955176435 | 2024-04-18T19:52:03.148518

8084 / tcp

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Thu, 18 Apr 2024 19:52:01 GMT
Content-Type: text/html
Content-Length: 11509
Last-Modified: Mon, 30 Aug 2021 01:04:14 GMT
Connection: keep-alive
ETag: "612c2e8e-2cf5"
Accept-Ranges: bytes

1721716354 | 2024-04-21T20:34:53.923443

8086 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Sun, 21 Apr 2024 20:34:42 GMT
Content-Type: text/html
Content-Length: 961
Last-Modified: Mon, 28 Aug 2023 01:53:21 GMT
Connection: keep-alive
ETag: "64ebfe11-3c1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

1409981470 | 2024-05-12T21:05:16.353095

8087 / tcp

HTTP/1.1 400 
Content-Type: text/html;charset=utf-8
Content-Language: zh-CN
Content-Length: 1868
Date: Sun, 12 May 2024 21:05:15 GMT
Connection: close

<!doctype html><html lang="zh"><head><title>HTTP状态 400 - 错误的请求</title><style type="text/css">body {font-family:Tahoma,Arial,sans-serif;} h1, h2, h3, b {color:white;background-color:#525D76;} h1 {font-size:22px;} h2 {font-size:16px;} h3 {font-size:14px;} p {font-size:12px;} a {color:black;} .line {height:1px;background-color:#525D76;border:none;}</style></head><body><h1>HTTP状态 400 - 错误的请求</h1><hr class="line" /><p><b>类型</b> 异常报告</p><p><b>消息</b> 在方法名称中发现无效的字符串, HTTP 方法名必须是有效的符号.</p><p><b>描述</b> 由于被认为是客户端对错误（例如：畸形的请求语法、无效的请求信息帧或者虚拟的请求路由），服务器无法或不会处理当前请求。</p><p><b>例外情况</b></p><pre>java.lang.IllegalArgumentException: 在方法名称中发现无效的字符串, HTTP 方法名必须是有效的符号.
	org.apache.coyote.http11.Http11InputBuffer.parseRequestLine(Http11InputBuffer.java:419)
	org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:269)
	org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:893)
	org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1723)
	org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	java.lang.Thread.run(Thread.java:748)
</pre><p><b>):注意</b> 主要问题的全部 stack 信息可以在 server logs 里查看</p><hr class="line" /><h3>Apache Tomcat/9.0.50</h3></body></html>

-41194546 | 2024-05-05T20:45:52.264269

8443 / tcp

HTTP/1.1 200 OK
Server: sslvpn
Date: Sun, 05 May 2024 20:45:50 GMT
Content-Type: text/html
Last-Modified: Wed, 06 Mar 2024 21:58:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubdomains
Content-Security-Policy: default-src 'self';script-src 'self' 'unsafe-inline' 'unsafe-eval';style-src 'self' 'unsafe-inline';img-src  * blob: data: ; 
Referrer-Policy: origin
X-Download-Options: noopen
X-Permitted-Cross-Domain-Policies: none
Set-Cookie: rjsslvpnSID=4d38aad0f407e1cf610b8fbb1ba60264; path=/; secure; httponly
Set-Cookie: rjsslvpnCF=184; path=/; secure; httponly
Set-Cookie: rjsslvpnVER=16777216; path=/; secure; httponly
Set-Cookie: s_funcset1=16; path=/; secure; httponly
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=RJ-SSLVPN-ROOTCA-2024-4-15-Mon-22:57:32
        Validity
            Not Before: Apr 14 06:57:43 2024 GMT
            Not After : Apr 13 06:57:43 2034 GMT
        Subject: CN=0.0.0.0
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c4:f6:cf:81:7f:14:6c:79:f5:0c:1f:e7:6f:8e:
                    ae:99:0a:6f:3b:78:cc:ab:6a:06:67:2a:22:97:3d:
                    ce:d4:45:9f:11:12:a4:1f:64:58:b1:3c:ff:5d:95:
                    9a:75:52:aa:7a:66:fc:00:0d:50:34:68:5f:5a:9b:
                    78:23:06:ed:10:2d:6a:7f:88:06:12:65:7d:39:bb:
                    e1:e3:85:9a:e4:40:17:2a:8c:a5:ed:99:72:7e:32:
                    91:88:a4:e9:99:53:a5:0e:16:c9:6c:81:6d:94:db:
                    ab:72:26:3d:0e:a1:a5:aa:ec:0d:65:64:b6:b7:4b:
                    85:41:41:91:32:d6:45:ac:7c:ab:39:60:92:55:a1:
                    bf:2f:ee:f4:e8:98:77:39:c0:8a:cc:f3:59:93:37:
                    50:0a:90:52:c8:09:97:ef:88:e7:52:b0:5c:36:fa:
                    5a:33:09:97:91:95:ff:e5:27:c8:f6:f9:1f:4d:28:
                    52:78:91:24:89:20:fb:f9:c1:94:f6:d3:c8:c0:5b:
                    ba:eb:5d:e1:8f:01:27:81:05:6d:58:d3:c7:67:c1:
                    8b:71:37:54:04:fb:03:fe:e4:a7:4f:66:08:26:93:
                    98:3e:28:33:e3:d7:c7:1a:73:57:3b:33:7a:97:dd:
                    ab:dc:f0:4f:d3:f0:62:93:fc:83:9e:3f:d8:5a:f0:
                    49:bf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                D3:6C:44:51:9B:6D:0C:4F:7E:0C:F9:15:02:2B:50:6E:4F:9B:5D:D9
            X509v3 Authority Key Identifier: 
                keyid:B4:87:2B:B7:B2:22:85:DD:2B:06:14:5B:12:BD:B0:43:13:13:17:F7
                DirName:/CN=RJ-SSLVPN-ROOTCA-2024-4-15-Mon-22:57:32
                serial:01
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3c:24:ef:2f:57:02:0d:5b:e1:d1:f4:87:06:e2:46:34:4f:33:
        e5:08:6c:f1:ca:6f:e0:a8:56:1d:b8:b6:fe:1f:39:e2:6f:ee:
        bc:41:5c:5f:8f:1c:b7:cc:64:22:c3:56:a8:40:da:ee:60:6b:
        18:b1:6c:ac:69:a6:b0:15:7a:12:cf:d0:6e:33:c6:92:c6:c9:
        8e:25:b6:87:b7:19:8b:af:1c:28:2b:f1:5d:b0:6c:e9:31:be:
        33:e1:c2:4e:8c:41:21:01:74:94:f7:28:d8:28:89:6a:7b:f8:
        95:4e:c4:ba:8b:6e:78:1d:f3:4b:86:ef:c8:1c:4a:c0:d3:48:
        07:75:8c:7a:10:bd:e1:f8:d5:44:79:25:ff:d4:ee:99:0f:88:
        bc:ba:7f:3b:d7:6e:e9:a5:d2:52:7f:af:fc:3b:92:79:c9:e7:
        a9:03:03:53:ed:bd:16:3c:a4:b9:29:42:6a:b6:36:73:3f:50:
        12:22:f6:d9:f3:d3:d5:1a:4a:07:3b:f3:5d:ea:46:45:9c:38:
        1c:ad:75:e6:25:91:24:70:46:05:08:0b:8f:92:6b:43:fe:5c:
        60:31:1b:03:b3:60:96:9a:eb:02:25:ac:3f:22:31:7c:f0:79:
        ba:5a:6b:ee:86:04:e4:32:43:5e:2f:31:3b:9f:9b:ea:76:3f:
        47:34:1a:db

703707298 | 2024-05-11T20:59:05.453816

8888 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Thu, 29 Jul 2021 08:40:16 GMT
Accept-Ranges: bytes
ETag: "43d7f85a5584d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Sat, 11 May 2024 20:59:03 GMT
Content-Length: 703

328049179 | 2024-04-30T04:26:23.272274

9090 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Tue, 30 Apr 2024 04:26:22 GMT
Content-Type: text/html
Content-Length: 38947
Last-Modified: Wed, 17 Apr 2024 09:28:26 GMT
Connection: keep-alive
ETag: "661f963a-9823"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes

-1473269557 | 2024-05-14T07:31:50.096385

9092 / tcp

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 796
Date: Tue, 14 May 2024 07:31:49 GMT

223.214.7.95

Last Seen: 2024-05-15

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2010578328 | 2024-05-15T14:37:08.036973
161 / udp

Ruijie Networks Co., Ltd. (formerly 'Start Network Technology Co., Ltd.')

13680384 | 2024-05-09T15:35:07.830988
1723 / tcp

PPTP

-1759155114 | 2024-05-07T08:51:57.563887
7547 / tcp

192235134 | 2024-04-23T19:35:10.345337
8081 / tcp

2075359437 | 2024-05-03T03:01:15.643779
8082 / tcp

nginx1.20.1

1955176435 | 2024-04-18T19:52:03.148518
8084 / tcp

nginx1.20.1

1721716354 | 2024-04-21T20:34:53.923443
8086 / tcp

nginx1.18.0

1409981470 | 2024-05-12T21:05:16.353095
8087 / tcp

-41194546 | 2024-05-05T20:45:52.264269
8443 / tcp

703707298 | 2024-05-11T20:59:05.453816
8888 / tcp

Microsoft IIS httpd10.0

328049179 | 2024-04-30T04:26:23.272274
9090 / tcp

nginx1.18.0

-1473269557 | 2024-05-14T07:31:50.096385
9092 / tcp

Products

Pricing

Contact Us

223.214.7.95

Last Seen: 2024-05-15

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2010578328 | 2024-05-15T14:37:08.036973 161 / udp

Ruijie Networks Co., Ltd. (formerly 'Start Network Technology Co., Ltd.')

13680384 | 2024-05-09T15:35:07.830988 1723 / tcp

PPTP

-1759155114 | 2024-05-07T08:51:57.563887 7547 / tcp

192235134 | 2024-04-23T19:35:10.345337 8081 / tcp

2075359437 | 2024-05-03T03:01:15.643779 8082 / tcp

nginx1.20.1

1955176435 | 2024-04-18T19:52:03.148518 8084 / tcp

nginx1.20.1

1721716354 | 2024-04-21T20:34:53.923443 8086 / tcp

nginx1.18.0

1409981470 | 2024-05-12T21:05:16.353095 8087 / tcp

-41194546 | 2024-05-05T20:45:52.264269 8443 / tcp

703707298 | 2024-05-11T20:59:05.453816 8888 / tcp

Microsoft IIS httpd10.0

328049179 | 2024-04-30T04:26:23.272274 9090 / tcp

nginx1.18.0

-1473269557 | 2024-05-14T07:31:50.096385 9092 / tcp

Products

Pricing

Contact Us

-2010578328 | 2024-05-15T14:37:08.036973
161 / udp

13680384 | 2024-05-09T15:35:07.830988
1723 / tcp

-1759155114 | 2024-05-07T08:51:57.563887
7547 / tcp

192235134 | 2024-04-23T19:35:10.345337
8081 / tcp

2075359437 | 2024-05-03T03:01:15.643779
8082 / tcp

1955176435 | 2024-04-18T19:52:03.148518
8084 / tcp

1721716354 | 2024-04-21T20:34:53.923443
8086 / tcp

1409981470 | 2024-05-12T21:05:16.353095
8087 / tcp

-41194546 | 2024-05-05T20:45:52.264269
8443 / tcp

703707298 | 2024-05-11T20:59:05.453816
8888 / tcp

328049179 | 2024-04-30T04:26:23.272274
9090 / tcp

-1473269557 | 2024-05-14T07:31:50.096385
9092 / tcp