GeneralInformation

Country	China
City	Chengdu
Organization	Chengdu Giant Times Technology Co.,Ltd
ISP	CHINANET SiChuan Telecom Internet Data Center
ASN	AS38283

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-46118

RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages over the HTTP API and cause target node to be terminated by an "out-of-memory killer"-like mechanism. This vulnerability has been patched in versions 3.11.24 and 3.12.7.

CVE-2022-31008

RabbitMQ is a multi-protocol messaging and streaming broker. In affected versions the shovel and federation plugins perform URI obfuscation in their worker (link) state. The encryption key used to encrypt the URI was seeded with a predictable secret. This means that in case of certain exceptions related to Shovel and Federation plugins, reasonably easily deobfuscatable data could appear in the node log. Patched versions correctly use a cluster-wide secret for that purpose. This issue has been addressed and Patched versions: `3.10.2`, `3.9.18`, `3.8.32` are available. Users unable to upgrade should disable the Shovel and Federation plugins.

OpenPorts

22 195 3306 4369 5672 8080 8081 9999 18081

1377938449 | 2024-05-16T18:49:32.818498

22 / tcp

SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.6
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIvrpK7PoeLK7JMuNHkCokQa
Wzae/E19gbmUEjxj7n8z0U/UlolhJwzp+Ls6vHUC3QB3PhinHchkCd8VDCGEfXg=
Fingerprint: ea:9e:2d:b8:e4:c6:58:f3:80:e7:0c:db:a2:af:15:01

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	sntrup761x25519-sha512@openssh.com
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1586701112 | 2024-05-24T04:13:01.108663

3306 / tcp

MySQL:
  Protocol Version: 10
  Version: 5.7.44
  Capabilities: 65535
  Server Language: 224
  Server Status: 2
  Extended Server Capabilities: 49663
  Authentication Plugin: mysql_native_password

1913291440 | 2024-05-09T19:47:02.782831

4369 / tcp

Erlang Port Mapper Daemon:
  nodes: <empty>

-268271615 | 2024-05-09T00:00:48.500748

5672 / tcp

AMQP:
  Protocol Version: 0-9
  Product: RabbitMQ
  Product Version: 3.9.13
  Platform: Erlang/OTP 24.2.1
  Capabilities:
    Exchange Exchange Bindings: True
    Connection.blocked: True
    Authentication Failure Close: True
    Direct Reply To: True
    Basic.nack: True
    Per Consumer Qos: True
    Consumer Priorities: True
    Consumer Cancel Notify: True
    Publisher Confirms: True

1410193794 | 2024-05-08T03:03:37.137872

8080 / tcp

HTTP/1.1 404 
Content-Type: text/html;charset=utf-8
Content-Language: en
Content-Length: 431
Date: Wed, 08 May 2024 03:03:37 GMT

1544091383 | 2024-05-04T14:27:13.562646

8081 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 May 2024 14:27:13 GMT
Content-Type: text/html
Content-Length: 917
Last-Modified: Wed, 01 May 2024 01:15:50 GMT
Connection: keep-alive
ETag: "663197c6-395"
Accept-Ranges: bytes

<!doctype html>
<html>
<head>
    <meta charset="utf-8">
    <title>恭喜，站点创建成功！</title>
    <style>
        .container {
            width: 60%;
            margin: 10% auto 0;
            background-color: #f0f0f0;
            padding: 2% 5%;
            border-radius: 10px
        }

        ul {
            padding-left: 20px;
        }

            ul li {
                line-height: 2.3
            }

        a {
            color: #20a53a
        }
    </style>
</head>
<body>
    <div class="container">
        <h1>恭喜, 站点创建成功！</h1>
        <h3>这是默认index.html，本页面由系统自动生成</h3>
        <ul>
            <li>本页面在FTP根目录下的index.html</li>
            <li>您可以修改、删除或覆盖本页面</li>
            <li>FTP相关信息，请到“面板系统后台 > FTP” 查看</li>
        </ul>
    </div>
</body>
</html>

112246764 | 2024-05-09T05:25:35.304702

9999 / tcp

HTTP/1.1 200 OK
content-type: text/html;charset=UTF-8
content-length: 61
connection: keep-alive

112246764 | 2024-05-28T15:11:10.152817

18081 / tcp

HTTP/1.1 200 OK
content-type: text/html;charset=UTF-8
content-length: 61
connection: keep-alive

110.40.25.189

Last Seen: 2024-05-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1377938449 | 2024-05-16T18:49:32.818498
22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1586701112 | 2024-05-24T04:13:01.108663
3306 / tcp

MySQL5.7.44

1913291440 | 2024-05-09T19:47:02.782831
4369 / tcp

Erlang Port Mapper Daemon

-268271615 | 2024-05-09T00:00:48.500748
5672 / tcp

RabbitMQ3.9.13

1410193794 | 2024-05-08T03:03:37.137872
8080 / tcp

1544091383 | 2024-05-04T14:27:13.562646
8081 / tcp

nginx

112246764 | 2024-05-09T05:25:35.304702
9999 / tcp

112246764 | 2024-05-28T15:11:10.152817
18081 / tcp

Products

Pricing

Contact Us

110.40.25.189

Last Seen: 2024-05-28

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

1377938449 | 2024-05-16T18:49:32.818498 22 / tcp

OpenSSH8.9p1 Ubuntu-3ubuntu0.6

1586701112 | 2024-05-24T04:13:01.108663 3306 / tcp

MySQL5.7.44

1913291440 | 2024-05-09T19:47:02.782831 4369 / tcp

Erlang Port Mapper Daemon

-268271615 | 2024-05-09T00:00:48.500748 5672 / tcp

RabbitMQ3.9.13

1410193794 | 2024-05-08T03:03:37.137872 8080 / tcp

1544091383 | 2024-05-04T14:27:13.562646 8081 / tcp

nginx

112246764 | 2024-05-09T05:25:35.304702 9999 / tcp

112246764 | 2024-05-28T15:11:10.152817 18081 / tcp

Products

Pricing

Contact Us

1377938449 | 2024-05-16T18:49:32.818498
22 / tcp

1586701112 | 2024-05-24T04:13:01.108663
3306 / tcp

1913291440 | 2024-05-09T19:47:02.782831
4369 / tcp

-268271615 | 2024-05-09T00:00:48.500748
5672 / tcp

1410193794 | 2024-05-08T03:03:37.137872
8080 / tcp

1544091383 | 2024-05-04T14:27:13.562646
8081 / tcp

112246764 | 2024-05-09T05:25:35.304702
9999 / tcp

112246764 | 2024-05-28T15:11:10.152817
18081 / tcp