Shodan

37.148.209.209

Regular View Raw Data
Last Seen: 2024-04-23
Tags:
eol-product

GeneralInformation

Hostnames 37-148-209-209.cizgi.net.tr
Domains cizgi.net.tr 
Country Turkey
City Istanbul
Organization CIZGI TELEKOMUNIKASYON ANONIM SIRKETI
ISP CIZGI TELEKOMUNIKASYON ANONIM SIRKETI
ASN AS34619

WebTechnologies

CDN
Google Hosted Libraries
Font scripts
Font Awesome
JavaScript libraries
jQuery3.3.1
Programming languages
Python
UI frameworks
Bootstrap4.1.3
Web frameworks
Django

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618 5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017 6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
CVE-2020-23064 Cross Site Scripting vulnerability in jQuery 2.2.0 through 3.x before 3.5.0 allows a remote attacker to execute arbitrary code via the <options> element.
CVE-2020-11023 4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022 4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358 4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.

OpenPorts 

-252172578 | 2024-04-13T06:08:30.948796
22 / tcp 
592490958 | 2024-04-20T03:53:10.266418
80 / tcp 
1110556447 | 2024-04-14T15:29:42.662707
82 / tcp 
-1278912815 | 2024-04-23T00:55:01.261508
1883 / tcp 
-579623213 | 2024-04-18T17:49:37.536754
8080 / tcp 
-182840153 | 2024-04-17T18:00:25.001423
8081 / tcp 
17726044 | 2024-04-17T13:48:29.635444
8083 / tcp 
-1589663322 | 2024-04-15T16:41:07.665654
9000 / tcp



Products
Pricing
Contact Us

Shodan ® - All rights reserved