GeneralInformation

Hostnames	serveur.e-consultech.fr 82-64-27-50.subs.proxad.net
Domains	e-consultech.fr proxad.net
Country	France
City	Paris
Organization	Free SAS
ISP	Free SAS
ASN	AS12322

WebTechnologies

JavaScript frameworks

Prototype1.7.2

ExtJS

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-41741	Exposure of sensitive information to an unauthorized actor vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2023-41740	Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.
CVE-2023-41739	Uncontrolled resource consumption vulnerability in File Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors.
CVE-2023-41738	Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
CVE-2023-32956	Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2023-32955	Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors.
CVE-2023-2729	Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors.
CVE-2023-0142	Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
CVE-2023-0077	Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors.
CVE-2022-43932	Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors.

OpenPorts

21 80 123 137 443 445 8000 8001

-793826600 | 2024-04-25T17:41:34.093633

21 / tcp

220 consultech-srv FTP server ready.
530 Login incorrect.
214- The following commands are recognized (* =>'s unimplemented).
   USER    LPRT    MODE    MSOM*   RNTO    SITE    RMD     SIZE    AUTH 
   PASS    EPRT    RETR    MSAM*   ABOR    SYST    XRMD    MDTM    PBSZ 
   ACCT*   PASV    STOR    MRSQ*   DELE    STAT    PWD     MLST    PROT 
   SMNT*   LPSV    APPE    MRCP*   CWD     HELP    XPWD    MLSD    CCC 
   REIN*   EPSV    MLFL*   ALLO    XCWD    NOOP    CDUP    MFMT 
   QUIT    TYPE    MAIL*   REST    LIST    MKD     XCUP    FEAT 
   PORT    STRU    MSND*   RNFR    NLST    XMKD    STOU    OPTS 
214 Direct comments to ftp-bugs@consultech-srv.
211- Extensions supported:
 AUTH TLS
 PBSZ
 PROT
 CCC
 SIZE
 MDTM
 REST STREAM
 MFMT
 TVFS
 MLST modify*;type*;unique*;size*;UNIX.mode*;UNIX.owner*;UNIX.group*;
 MLSD modify*;type*;unique*;size*;UNIX.mode*;UNIX.owner*;UNIX.group*;
211 End.

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            04:5e:d2:6a:f4:7e:7f:b1:aa:45:e0:0c:97:e9:a3:18:21:65
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr 18 07:11:02 2024 GMT
            Not After : Jul 17 07:11:01 2024 GMT
        Subject: CN=serveur.e-consultech.fr
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ce:d8:2f:7d:11:c2:02:2a:7d:70:9b:84:3d:5c:
                    d6:41:58:3c:8f:83:77:0c:c4:e8:33:f3:fd:62:d1:
                    24:50:b3:90:c8:71:a5:ab:a9:26:bc:7c:d9:04:23:
                    41:eb:21:c0:3a:0b:49:d2:44:17:ee:51:81:33:ac:
                    b5:8b:01:8e:8e:00:7c:60:43:06:36:48:50:af:02:
                    a3:c6:77:01:7a:8f:bc:70:f4:83:cc:a2:e5:dc:6b:
                    6d:44:ea:77:c6:45:f9:cf:ef:77:73:ed:1a:09:77:
                    34:9b:7c:bb:ec:d1:40:07:b7:a8:76:49:46:e4:15:
                    10:08:94:7a:15:a1:97:1b:b6:45:11:35:d8:39:1b:
                    07:44:92:a2:cb:76:bd:4d:4a:3e:b3:0b:36:6a:86:
                    b6:bb:60:4a:1d:ce:bb:14:9f:f5:f0:10:ae:34:63:
                    29:c6:5a:c8:41:8c:91:6f:49:cc:99:64:cd:3b:3a:
                    0b:70:9f:ad:7b:3a:ea:fe:19:10:f6:1e:a4:c7:97:
                    23:b0:62:aa:a9:78:57:8d:6d:bc:b0:d4:c9:95:68:
                    db:21:bf:a4:2a:f0:8f:87:d8:59:64:55:91:83:97:
                    a8:4f:a6:7f:c7:26:69:6f:5a:8f:85:e1:e7:90:6b:
                    1e:a5:c7:1f:41:23:bc:e2:12:50:cf:77:2c:36:5a:
                    6b:db
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                39:61:BF:E7:71:6D:61:54:FE:B8:6D:AC:BB:D6:89:29:AE:D2:E7:D3
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:serveur.e-consultech.fr
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 48:B0:E3:6B:DA:A6:47:34:0F:E5:6A:02:FA:9D:30:EB:
                                1C:52:01:CB:56:DD:2C:81:D9:BB:BF:AB:39:D8:84:73
                    Timestamp : Apr 18 08:11:02.463 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:DB:34:B1:54:63:7C:08:EF:B3:B4:DF:
                                11:68:71:AD:70:01:81:65:0E:D2:3B:64:C8:F8:E3:79:
                                B7:79:A8:00:47:02:20:48:C0:62:D3:2F:1E:DF:68:F1:
                                99:21:92:3D:BA:06:5B:DA:75:0C:E1:6D:7A:E6:AA:95:
                                1B:9A:B4:F3:3F:14:91
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr 18 08:11:02.461 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:03:53:89:80:06:A7:96:2C:8D:AB:99:CD:
                                F6:6B:04:25:6E:95:C5:EE:00:7D:82:41:60:B2:8C:68:
                                BF:76:97:53:02:21:00:9D:B0:DD:D5:C0:08:10:C8:88:
                                5A:D2:C4:33:74:F3:AF:12:A8:EC:38:10:BC:EC:5A:3C:
                                6F:A9:BE:37:5E:65:A6
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        25:25:5c:4f:e9:d6:5b:d1:47:0e:47:31:c3:8d:a5:3c:81:0f:
        b9:c3:a8:b2:25:5e:29:b2:39:ca:2e:1f:47:83:81:1e:5e:5f:
        da:bf:35:f4:37:59:ab:cb:40:34:0f:65:6d:b8:49:78:53:4c:
        3a:7e:9f:a3:ec:db:c0:9e:5f:c8:41:c7:90:ad:21:34:74:0c:
        49:88:bb:fb:12:56:ca:3d:92:cd:00:d0:2c:e7:70:2f:d7:bf:
        c8:9d:da:fa:a1:f4:83:21:de:17:30:bf:dd:ab:2b:87:89:43:
        c2:1a:40:50:b8:82:e6:ed:95:3c:e0:49:3b:c6:c2:81:a0:5b:
        c4:99:55:ff:52:0f:01:88:9b:cf:e9:d4:79:13:d3:d2:7b:94:
        3f:8c:a2:db:1c:04:d1:ba:8d:b4:8a:d0:ee:ed:2c:0f:ac:ea:
        c0:29:da:1e:be:ad:00:dd:2a:e7:5a:73:ce:1f:67:f5:cf:3d:
        81:5a:36:ea:55:32:7b:36:d7:74:a5:31:c7:7f:ff:d8:d5:1d:
        f0:28:d2:39:2f:f7:a6:e2:fc:21:eb:b6:04:78:d7:8a:88:00:
        46:e0:fa:e6:fd:a0:a4:8e:ab:3e:36:89:e5:ac:d0:ed:2d:3f:
        c1:de:02:cf:c2:53:08:6a:81:0b:a7:1a:fd:70:43:ce:6c:a3:
        85:ed:13:37

652931205 | 2024-04-19T16:21:38.731865

80 / tcp

HTTP/1.1 200 OK
Date: Fri, 19 Apr 2024 16:21:38 GMT
Content-Type: text/html
Content-Length: 44
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 15 Feb 2023 14:03:08 GMT
ETag: "2c-5f4bd8a3dcfcf"
Accept-Ranges: bytes

-2037328890 | 2024-04-19T10:30:02.053346

123 / udp

NTP
protocolversion: 3
stratum: 0
leap: 3
precision: 0
rootdelay: 0.0
rootdisp: 0.0
refid: 1380013125
reftime: 0.0
poll: 3

1412784242 | 2024-04-28T10:51:34.588816

137 / udp

NetBIOS Response:
  Server Name: SYNOLOGYROUTER
  MAC Address: 00:00:00:00:00:00
  Names:
    SYNOLOGYROUTER <0x0>
    SYNOLOGYROUTER <0x3>
    SYNOLOGYROUTER <0x20>
    WORKGROUP <0x1e>
    WORKGROUP <0x0>
  Additional Interfaces:
    192.168.1.254
    192.168.2.1

652931205 | 2024-04-17T12:28:26.175559

443 / tcp

HTTP/1.1 200 OK
Date: Wed, 17 Apr 2024 12:28:25 GMT
Content-Type: text/html
Content-Length: 44
Connection: keep-alive
Keep-Alive: timeout=20
Last-Modified: Wed, 15 Feb 2023 14:03:08 GMT
ETag: "2c-5f4bd8a3dcfcf"
Accept-Ranges: bytes

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:5b:8a:90:70:0f:a4:42:68:22:2c:14:af:75:13:12:7a:71
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Feb 18 00:54:02 2024 GMT
            Not After : May 18 00:54:01 2024 GMT
        Subject: CN=serveur.e-consultech.fr
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:9d:5b:28:cf:98:96:4f:cf:60:ae:48:98:f5:a4:
                    35:34:db:f8:c5:1a:f6:5d:57:bd:da:9d:fe:2a:98:
                    dd:95:5f:24:62:2c:d3:5a:66:b4:1f:c4:43:af:68:
                    ad:04:82:f7:c2:1e:71:a2:35:bf:48:ff:42:e2:d0:
                    71:94:53:14:73
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                9E:30:32:FC:C1:E6:FC:2D:56:DD:B2:38:A9:7E:09:3B:1A:62:26:6A
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:serveur.e-consultech.fr
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3B:53:77:75:3E:2D:B9:80:4E:8B:30:5B:06:FE:40:3B:
                                67:D8:4F:C3:F4:C7:BD:00:0D:2D:72:6F:E1:FA:D4:17
                    Timestamp : Feb 18 01:54:02.640 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:32:04:A1:E8:38:01:9A:CB:40:D1:73:91:
                                46:DE:1A:18:B4:E4:A3:D5:B8:3A:D4:F2:24:73:77:94:
                                45:2A:77:8A:02:21:00:9E:1E:20:D1:D7:84:67:F7:2C:
                                D9:08:52:58:08:B4:91:1E:47:07:62:71:73:DF:D7:F1:
                                4C:61:BC:2C:B6:4F:A6
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Feb 18 01:54:02.641 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:5F:EA:CD:88:AF:79:2F:26:63:1D:5D:C1:
                                2B:00:87:86:E7:08:76:7E:56:66:C9:7F:95:E6:B1:0A:
                                AE:1D:2E:76:02:21:00:AA:8D:01:8A:A5:3D:92:2C:C1:
                                39:59:89:C3:ED:B4:E4:F8:21:06:34:39:D0:21:D6:1C:
                                71:1A:D1:3C:30:24:45
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        03:e4:d2:f0:3f:aa:0a:bc:c6:b2:60:a7:71:9d:d0:7a:ae:14:
        bf:5f:02:2a:62:b6:3b:28:ac:59:99:8a:8e:ed:bb:c6:9f:64:
        27:b5:e2:57:34:fe:4b:69:b1:92:73:83:f6:7a:2f:09:9e:90:
        55:01:ea:2a:30:54:58:6a:c0:1a:39:f4:fa:f1:39:cf:f1:bf:
        83:cd:d6:72:1b:c1:92:aa:f0:e8:c7:a0:55:fd:7e:6b:7b:ae:
        57:98:de:7e:99:04:18:8b:a3:4d:4e:30:05:9a:f5:8e:8c:8c:
        f5:72:e2:d0:33:c1:71:03:70:69:2a:20:0c:2a:7f:36:72:05:
        1a:d8:b3:88:e3:3c:0e:91:6c:3d:d3:4b:94:b3:c1:62:85:bb:
        3c:06:a0:65:86:21:b4:88:1f:50:0b:b0:04:57:b8:2c:10:5e:
        cc:88:20:e9:65:f2:c7:a1:2f:6e:4a:cc:34:28:03:67:68:a1:
        71:15:f9:1b:4e:86:11:c0:f0:df:06:ad:7c:26:f7:80:3f:04:
        63:79:6f:33:c1:85:15:1f:1c:d5:ab:1e:4e:dd:d0:bf:07:83:
        f2:ac:8e:d8:04:8a:d7:1e:d9:15:97:7a:a5:81:16:ea:19:16:
        8b:84:48:d1:91:6d:9e:5f:a1:63:3d:ce:33:d1:05:c7:db:36:
        a1:0b:0f:c7

-176617153 | 2024-04-26T07:09:04.517857

445 / tcp

SMB Status:
  Authentication: enabled
  SMB Version: 1
  OS: Unix
  Software: Samba 3.6.24
  Capabilities: dfs, extended-security, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, nt-find, nt-smb, nt-status, raw-mode, rpc-remote-api, unicode, unix

370691020 | 2024-04-24T17:15:35.423552

8000 / tcp

HTTP/1.1 200 OK
Date: Wed, 24 Apr 2024 17:15:34 GMT
Server: Apache
Cache-control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset="UTF-8"


Synology Router Manager (SRM):
  Version: 1.3.1-9346
  Hostname: SynologyRouter
  Custom Login Title: Router e-consultech : Bienvenue !

-1344393306 | 2024-04-19T17:35:02.652947

8001 / tcp

HTTP/1.1 400 Bad Request
Date: Fri, 19 Apr 2024 17:35:02 GMT
Server: Apache
Content-Length: 362
Connection: close
Content-Type: text/html; charset=iso-8859-1

82.64.27.50

Last Seen: 2024-04-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-793826600 | 2024-04-25T17:41:34.093633
21 / tcp

652931205 | 2024-04-19T16:21:38.731865
80 / tcp

-2037328890 | 2024-04-19T10:30:02.053346
123 / udp

1412784242 | 2024-04-28T10:51:34.588816
137 / udp

652931205 | 2024-04-17T12:28:26.175559
443 / tcp

-176617153 | 2024-04-26T07:09:04.517857
445 / tcp

Samba3.6.24

370691020 | 2024-04-24T17:15:35.423552
8000 / tcp

Apache httpd

-1344393306 | 2024-04-19T17:35:02.652947
8001 / tcp

Apache httpd

Products

Pricing

Contact Us

82.64.27.50

Last Seen: 2024-04-28

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-793826600 | 2024-04-25T17:41:34.093633 21 / tcp

652931205 | 2024-04-19T16:21:38.731865 80 / tcp

-2037328890 | 2024-04-19T10:30:02.053346 123 / udp

1412784242 | 2024-04-28T10:51:34.588816 137 / udp

652931205 | 2024-04-17T12:28:26.175559 443 / tcp

-176617153 | 2024-04-26T07:09:04.517857 445 / tcp

Samba3.6.24

370691020 | 2024-04-24T17:15:35.423552 8000 / tcp

Apache httpd

-1344393306 | 2024-04-19T17:35:02.652947 8001 / tcp

Apache httpd

Products

Pricing

Contact Us

-793826600 | 2024-04-25T17:41:34.093633
21 / tcp

652931205 | 2024-04-19T16:21:38.731865
80 / tcp

-2037328890 | 2024-04-19T10:30:02.053346
123 / udp

1412784242 | 2024-04-28T10:51:34.588816
137 / udp

652931205 | 2024-04-17T12:28:26.175559
443 / tcp

-176617153 | 2024-04-26T07:09:04.517857
445 / tcp

370691020 | 2024-04-24T17:15:35.423552
8000 / tcp

-1344393306 | 2024-04-19T17:35:02.652947
8001 / tcp