GeneralInformation

Country	Singapore
City	Singapore
Organization	Leaseweb Asia Pacific Pte. Ltd.
ISP	Leaseweb Asia Pacific pte. ltd.
ASN	AS59253

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-22707

5.9In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

53 111 8081 8443

-501363932 | 2024-04-11T18:06:20.175104

53 / tcp

PowerDNS Authoritative Server 4.8.3 (built Oct  5 2023 09:24:12 by root@localhost)
Resolver ID: ns7-domains-ph

-501363932 | 2024-04-15T16:41:51.588720

53 / udp

PowerDNS Authoritative Server 4.8.3 (built Oct  5 2023 09:24:12 by root@localhost)
Resolver ID: ns7-domains-ph

-1345205424 | 2024-04-09T15:20:51.889489

111 / tcp

Portmap
Program	Version	Protocol	Port
portmapper	4	tcp	111
portmapper	3	tcp	111
portmapper	2	tcp	111
portmapper	4	udp	111
portmapper	3	udp	111
portmapper	2	udp	111

2061452986 | 2024-04-15T15:55:14.722151

8081 / tcp

HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 341
Date: Mon, 15 Apr 2024 15:55:14 GMT
Server: lighttpd/1.4.55

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>403 Forbidden</title>
 </head>
 <body>
  <h1>403 Forbidden</h1>
 </body>
</html>

1626935955 | 2024-04-17T18:27:08.242205

8443 / tcp

HTTP/1.1 200 OK
Content-Type: application/json
Date: Wed, 17 Apr 2024 18:27:07 GMT
Content-Length: 114

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            d3:2e:16:cf:21:26:80:62:fa:ba:ff:1f:9a:92:2e:5b
        Signature Algorithm: ecdsa-with-SHA384
        Issuer: O=linuxcontainers.org, CN=root@leaseweb-sg
        Validity
            Not Before: Jan 28 10:55:37 2022 GMT
            Not After : Jan 26 10:55:37 2032 GMT
        Subject: O=linuxcontainers.org, CN=root@leaseweb-sg
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:55:b7:a1:67:72:30:9e:ec:97:23:c8:73:45:5a:
                    f6:73:be:25:23:20:60:83:b0:de:d0:3a:10:a2:3a:
                    4c:14:91:26:d8:31:bb:a5:5e:20:0f:cb:da:21:74:
                    9a:29:b2:fa:3d:fe:1e:71:cf:0d:34:a8:07:55:38:
                    91:c2:34:6f:f4:ab:5e:41:1f:8e:b4:8e:ce:b1:00:
                    29:0f:33:47:b7:63:e4:81:74:45:d4:82:95:2d:d7:
                    60:43:c7:a6:7e:ac:2b
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:leaseweb-sg, IP Address:127.0.0.1, IP Address:0:0:0:0:0:0:0:1
    Signature Algorithm: ecdsa-with-SHA384
    Signature Value:
        30:66:02:31:00:90:bb:c1:ff:ce:61:ac:79:56:39:01:ad:6d:
        4b:07:cd:10:58:70:b3:c5:8a:5e:de:11:d8:31:8a:3d:9c:7e:
        90:69:b8:a0:ca:e7:42:37:2e:9f:41:0a:96:10:d1:61:86:02:
        31:00:e1:40:72:f0:db:db:18:ad:b7:93:ac:ed:09:e1:66:bf:
        f5:9d:e7:74:fa:79:80:ac:b3:60:e1:e7:5d:69:61:57:66:82:
        89:19:1d:50:db:eb:72:57:f1:d6:1d:ba:bd:4b

23.111.12.109

Last Seen: 2024-04-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-501363932 | 2024-04-11T18:06:20.175104
53 / tcp

-501363932 | 2024-04-15T16:41:51.588720
53 / udp

-1345205424 | 2024-04-09T15:20:51.889489
111 / tcp

2061452986 | 2024-04-15T15:55:14.722151
8081 / tcp

lighttpd1.4.55

1626935955 | 2024-04-17T18:27:08.242205
8443 / tcp

Products

Pricing

Contact Us

23.111.12.109

Last Seen: 2024-04-17

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-501363932 | 2024-04-11T18:06:20.175104 53 / tcp

-501363932 | 2024-04-15T16:41:51.588720 53 / udp

-1345205424 | 2024-04-09T15:20:51.889489 111 / tcp

2061452986 | 2024-04-15T15:55:14.722151 8081 / tcp

lighttpd1.4.55

1626935955 | 2024-04-17T18:27:08.242205 8443 / tcp

Products

Pricing

Contact Us

-501363932 | 2024-04-11T18:06:20.175104
53 / tcp

-501363932 | 2024-04-15T16:41:51.588720
53 / udp

-1345205424 | 2024-04-09T15:20:51.889489
111 / tcp

2061452986 | 2024-04-15T15:55:14.722151
8081 / tcp

1626935955 | 2024-04-17T18:27:08.242205
8443 / tcp