GeneralInformation

Country	Czechia
City	Prague
Organization	customers N_SYS s.r.o. from Upice
ISP	"N_SYS s.r.o."
ASN	AS41088

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2022-22707

5.9In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

OpenPorts

554 3389 8080 8081

-1888853120 | 2024-03-30T08:38:58.525057

554 / tcp

RTSP/1.0 401 Unauthorized
CSeq: 1
WWW-Authenticate: Digest realm="Login to 5F0260BPBQ0BA07", nonce="eaec8451bc5fdf269737c8ddf6272c9e"

-67189559 | 2024-03-26T15:54:35.788266

3389 / tcp

Remote Desktop Protocol
\x03\x00\x00\x13\x0e\xd0\x00\x00\x124\x00\x02\x1f\x08\x00\x02\x00\x00\x00
Remote Desktop Protocol NTLM Info:
  OS: Windows 10 (version 2004)/Windows Server (version 2004)
  OS Build: 10.0.19041
  Target Name: UCTO
  NetBIOS Domain Name: UCTO
  NetBIOS Computer Name: UCTO
  DNS Domain Name: UCTO
  FQDN: UCTO

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            6b:e1:83:be:d1:0a:e5:ac:47:ab:c6:cb:91:48:24:05
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=UCTO
        Validity
            Not Before: Feb 28 04:39:03 2024 GMT
            Not After : Aug 29 04:39:03 2024 GMT
        Subject: CN=UCTO
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:f1:a3:7b:3c:d0:44:42:a4:92:ef:6a:6b:60:b7:
                    90:87:c5:f6:e6:dd:13:68:23:7b:74:0b:fc:e6:f3:
                    97:6c:4c:2b:94:08:bf:a9:3a:04:18:a8:b2:c4:d0:
                    14:ba:93:29:41:da:84:6f:63:28:8d:a0:5c:6b:16:
                    21:66:ba:48:ed:29:89:ed:34:e1:64:7a:84:70:14:
                    6d:61:e1:40:ba:ea:b7:07:32:52:69:9f:a6:e6:12:
                    db:44:e0:a0:36:1f:3a:86:fd:65:a3:e9:55:9b:47:
                    4f:93:21:33:08:23:d8:a8:17:d9:79:a5:ab:7b:09:
                    b0:26:d6:ad:a0:b0:37:03:26:84:7d:7d:5d:f4:47:
                    ad:c3:f6:13:13:ae:ff:78:fd:99:98:1b:c1:9d:d2:
                    93:09:14:64:70:e5:99:dc:d4:53:ee:58:ec:f5:e8:
                    05:74:77:48:a9:dc:31:a8:a3:b0:30:ad:75:15:c8:
                    15:2b:c5:46:00:08:c0:bd:ac:34:80:08:e1:af:48:
                    41:da:b7:b4:89:93:87:b7:ca:29:3a:7d:fc:dc:fd:
                    63:8f:2c:16:47:f5:83:2a:7c:47:1a:99:ee:aa:09:
                    09:1d:15:07:a2:27:d8:01:e2:bd:43:73:82:4c:0e:
                    07:04:f9:d2:7b:55:ac:59:2f:4c:5a:9b:eb:b6:5f:
                    3d:9d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Key Usage: 
                Key Encipherment, Data Encipherment
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        8d:32:62:4e:97:2d:4b:d7:29:b0:89:7b:de:a1:ef:2f:7f:c7:
        e6:2e:ef:fc:f8:c7:ba:2f:4e:00:67:0b:3e:34:4c:4f:91:5b:
        92:cd:b2:18:11:4e:a4:6c:5c:7e:5e:59:34:a5:56:72:c3:26:
        4c:2f:2d:1f:ec:f8:a2:06:ae:da:c9:2d:5e:84:cd:9d:00:92:
        6d:06:b0:2a:f2:9b:ad:b2:54:b1:ae:d9:b2:be:ff:6c:d2:40:
        32:17:6d:01:06:9f:28:0f:88:7d:73:89:76:7d:98:af:36:06:
        f4:70:c1:35:14:03:45:23:41:d3:43:81:7e:ad:85:05:38:d8:
        1b:7b:07:6e:4b:d4:ca:29:22:b1:b7:29:65:cf:b6:0a:01:5c:
        2c:dc:82:63:db:c8:66:a9:39:5d:7d:1b:d2:19:8d:0e:ea:93:
        06:c0:30:0d:c3:e7:57:35:5b:0a:11:88:7e:97:7f:28:b7:ad:
        45:d2:70:5f:5f:aa:a8:90:3c:92:8b:c4:ba:27:cc:c3:cb:39:
        50:b5:bf:4a:a2:07:fe:59:33:3a:28:69:c3:c1:15:68:c3:89:
        d6:17:d6:7c:9f:d1:2f:3d:a3:30:ec:eb:cd:27:b4:65:b3:87:
        82:87:23:34:3f:19:59:71:22:7b:eb:d2:27:83:48:24:0b:9c:
        1f:a0:25:5a

-1118943533 | 2024-04-02T12:52:54.385430

8080 / tcp

HTTP/1.1 200 OK
Server: Router Webserver
Connection: close
Content-Type: text/html
WWW-Authenticate: Basic realm="TP-LINK Wireless Lite N Router WR740N/WR741ND"

559761251 | 2024-04-10T18:26:31.568422

8081 / tcp

HTTP/1.1 200 OK
Set-Cookie: TRACKID=1c249768fa4434f0c2b6ad25df0871f5; Path=/; Version=1
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1811078397"
Last-Modified: Mon, 25 Apr 2022 21:12:03 GMT
Content-Length: 909
Date: Wed, 10 Apr 2024 18:26:29 GMT
Server: lighttpd/1.4.55

<!doctype html>
<html>
  <head>
    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
    <meta http-equiv="X-UA-Compatible" content="IE=9">
    <title>Loading Web Application</title>

    <script type="text/javascript" language="javascript" src="webapp/webapp.nocache.js"></script>
    <script type="text/javascript" language="javascript" src="webapp/libs/sjcl.js"></script>
  </head>

  <body>
    <iframe src="javascript:''" id="__gwt_historyFrame" tabIndex='-1' style="position:absolute;width:0;height:0;border:0"></iframe>
    
    <noscript>
      <div style="width: 22em; position: absolute; left: 50%; margin-left: -11em; color: red; background-color: white; border: 1px solid red; padding: 4px; font-family: sans-serif">
        Your web browser must have JavaScript enabled
        in order for this application to display correctly.
      </div>
    </noscript>
  </body>
</html>

89.190.74.198

Last Seen: 2024-04-10

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1888853120 | 2024-03-30T08:38:58.525057
554 / tcp

-67189559 | 2024-03-26T15:54:35.788266
3389 / tcp

Remote Desktop Protocol

-1118943533 | 2024-04-02T12:52:54.385430
8080 / tcp

559761251 | 2024-04-10T18:26:31.568422
8081 / tcp

lighttpd1.4.55

Products

Pricing

Contact Us

89.190.74.198

Last Seen: 2024-04-10

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1888853120 | 2024-03-30T08:38:58.525057 554 / tcp

-67189559 | 2024-03-26T15:54:35.788266 3389 / tcp

Remote Desktop Protocol

-1118943533 | 2024-04-02T12:52:54.385430 8080 / tcp

559761251 | 2024-04-10T18:26:31.568422 8081 / tcp

lighttpd1.4.55

Products

Pricing

Contact Us

-1888853120 | 2024-03-30T08:38:58.525057
554 / tcp

-67189559 | 2024-03-26T15:54:35.788266
3389 / tcp

-1118943533 | 2024-04-02T12:52:54.385430
8080 / tcp

559761251 | 2024-04-10T18:26:31.568422
8081 / tcp