GeneralInformation

Country	China
City	Shenzhen
Organization	CHINANET Guangdong province network
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript frameworks

Vue.js

JavaScript libraries

jQuery1.12.1

Network storage

Synology DiskStation

Programming languages

Python

UI frameworks

Bootstrapb00faad199b5

Web frameworks

Django

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

123 500 1723 5001 8000

-2141355785 | 2024-05-06T22:14:55.198633

123 / udp

NTP
protocolversion: 3
stratum: 1
leap: 0
precision: -9
rootdelay: 0.0
rootdisp: 0.0
refid: 0
reftime: 3924022475.78
poll: 0

340309646 | 2024-04-24T11:33:00.050622

500 / udp

VPN (IKE)

Initiator SPI: 6b723170306f3230
Responder SPI: 766e6a6c61397265
Next Payload: RESERVED
Version: 2.0
Exchange Type: DOI Specific Use
Flags:
    Encryption:     False
    Commit:         False
    Authentication: False
Message ID: 00000000
Length: 36

-2018641221 | 2024-05-01T20:32:14.478695

1723 / tcp

PPTP:
  Firmware: 1
  Hostname: local
  Vendor: cananian

435395995 | 2024-05-02T02:14:00.343272

5001 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 02 May 2024 02:14:00 GMT
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Security-Policy: base-uri 'self';  connect-src data: ws: wss: http: https:; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' data: blob: https://*.synology.com https://*.synology.cn http://*.synology.com http://*.synology.cn http://global.synologydownload.com https://global.synologydownload.com; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com https://global.download.synology.com; media-src 'self' data: about: https://*.synology.com https://help.synology.cn;  script-src 'self' 'unsafe-eval' data: blob: https://maps.google.com https://maps.googleapis.com https://ajax.googleapis.com https://help.synology.com https://help.synology.cn; style-src 'self' 'unsafe-inline' https://*.googleapis.com;


Synology DiskStation Manager (DSM):
  Version: 7.2.1-69057
  Hostname: ysightNas

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:7a:4a:22:5b:3a:ba:e6:ae:71:27:ab:8f:d8:75:86:a0:95:e2:41
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=TW, L=Taipei, O=Synology Inc., CN=Synology Inc. CA
        Validity
            Not Before: Mar 19 11:34:24 2024 GMT
            Not After : Mar 20 11:34:24 2025 GMT
        Subject: C=TW, L=Taipei, O=Synology Inc., CN=synology
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b7:6e:21:ff:51:65:be:de:75:b2:b9:fd:26:05:
                    a7:7e:da:3b:71:fa:71:e1:c7:02:4f:37:93:e7:e6:
                    2c:85:57:e3:52:da:f8:47:bc:af:95:4d:fd:7e:0e:
                    6a:0f:88:5b:3b:ea:78:bc:dc:a7:79:45:d5:5c:f3:
                    a1:08:74:f4:e3:01:68:3d:ed:f9:8a:c2:cc:9c:6a:
                    9a:a7:2e:94:b0:48:60:8e:63:59:45:87:2f:a7:c3:
                    23:b7:90:7e:26:95:90:92:b7:d8:92:23:23:3b:f3:
                    c0:24:fd:96:de:9f:89:b2:57:2f:08:e6:70:14:f5:
                    77:a6:55:d5:fe:de:39:58:27:cb:03:d9:15:cd:d8:
                    79:87:d1:d4:f6:1a:ae:7c:cd:14:c3:ea:a9:74:64:
                    4d:20:4e:a3:2e:64:75:de:f7:ff:84:64:28:c2:c9:
                    46:e2:c5:be:11:2e:08:80:90:a5:e8:e6:d2:1c:de:
                    2a:e1:90:5b:a1:c3:56:75:ff:73:cf:a0:70:67:e0:
                    96:23:22:10:69:af:c3:eb:90:54:8b:64:1d:db:f7:
                    ff:fd:c8:72:5c:e2:b5:3e:9e:31:6c:07:e0:cf:d7:
                    69:31:70:4a:80:24:9d:86:a8:61:8c:c9:1f:78:ee:
                    60:a0:00:f0:98:3c:b7:78:73:52:77:a8:66:c2:65:
                    bb:11
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Alternative Name: 
                DNS:synology
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        53:3c:ca:6e:dd:f5:60:33:c1:d8:c7:53:7b:90:15:c5:53:af:
        e0:dd:e1:ff:81:85:cc:78:4e:2b:09:0c:13:a9:92:31:13:0b:
        de:ea:7b:91:f8:7b:d5:b6:b9:10:b7:78:34:9a:f1:e5:e9:57:
        ef:7e:94:eb:59:0e:57:5d:9a:91:44:84:15:06:c0:ef:8f:0f:
        48:37:55:b9:af:7a:4a:0d:ec:57:4d:38:10:c8:37:f8:ce:fb:
        01:17:8c:b4:12:a2:f8:b5:0f:da:d9:70:72:54:14:b5:0a:10:
        b9:85:82:0d:6e:23:c2:d2:fb:9a:a9:4e:b3:66:e4:e7:cb:2a:
        08:cf:5b:b4:dc:c0:05:98:fb:77:91:60:cf:d5:1d:83:87:9b:
        a6:76:3b:30:4f:b1:99:e7:8a:e7:3a:45:33:c9:15:f3:37:ca:
        fa:b0:a6:01:fa:54:4d:07:cb:cd:6e:1d:ae:e1:83:f6:51:c7:
        be:98:37:5e:7d:db:ee:a5:ed:ec:60:d1:d2:f1:e0:86:8d:f8:
        6b:59:39:ea:80:41:43:ce:92:7c:40:d6:37:85:33:4c:ba:e5:
        c6:53:ce:38:75:53:fe:a3:b4:b9:68:16:9b:15:12:c4:26:1b:
        c9:52:ac:90:c8:f2:7f:e6:b5:f6:36:73:f5:ee:65:c5:50:98:
        67:4a:18:d0

-1755774751 | 2024-04-23T09:27:50.544195

8000 / tcp

HTTP/1.1 200 OK
Content-Language: en
Expires: Tue, 23 Apr 2024 09:27:50 GMT
Vary: Cookie, Accept-Language
Last-Modified: Tue, 23 Apr 2024 09:27:50 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Content-Type: text/html; charset=utf-8
Set-Cookie:  csrftoken=A0JDAqIFiL6YxY3C8tpuOGmy9FWRHOOB; expires=Tue, 22-Apr-2025 09:27:50 GMT; Max-Age=31449600; Path=/
Set-Cookie:  sessionid=p0r0e6l3bk7nuew76lfguzxzkyljrj5h; expires=Wed, 24-Apr-2024 09:27:50 GMT; httponly; Max-Age=86400; Path=/
Transfer-Encoding: chunked
Date: Tue, 23 Apr 2024 09:27:50 GMT
Server: localhost

14.155.202.138

Last Seen: 2024-05-06

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2141355785 | 2024-05-06T22:14:55.198633
123 / udp

340309646 | 2024-04-24T11:33:00.050622
500 / udp

-2018641221 | 2024-05-01T20:32:14.478695
1723 / tcp

PPTP

435395995 | 2024-05-02T02:14:00.343272
5001 / tcp

nginx

-1755774751 | 2024-04-23T09:27:50.544195
8000 / tcp

Products

Pricing

Contact Us

14.155.202.138

Last Seen: 2024-05-06

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

-2141355785 | 2024-05-06T22:14:55.198633 123 / udp

340309646 | 2024-04-24T11:33:00.050622 500 / udp

-2018641221 | 2024-05-01T20:32:14.478695 1723 / tcp

PPTP

435395995 | 2024-05-02T02:14:00.343272 5001 / tcp

nginx

-1755774751 | 2024-04-23T09:27:50.544195 8000 / tcp

Products

Pricing

Contact Us

-2141355785 | 2024-05-06T22:14:55.198633
123 / udp

340309646 | 2024-04-24T11:33:00.050622
500 / udp

-2018641221 | 2024-05-01T20:32:14.478695
1723 / tcp

435395995 | 2024-05-02T02:14:00.343272
5001 / tcp

-1755774751 | 2024-04-23T09:27:50.544195
8000 / tcp