GeneralInformation

Country	China
City	Shenzhen
Organization	CHINANET Guangdong province network
ISP	CHINANET-BACKBONE
ASN	AS4134

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

123 161 873 3000 5005 8126 9993

-40288086 | 2024-05-06T17:18:41.621853

123 / udp

NTP
protocolversion: 3
stratum: 2
leap: 0
precision: -9
rootdelay: 0.0482635498047
rootdisp: 0.0649261474609
refid: 3396345170
reftime: 3924003690.45
poll: 12

1425918417 | 2024-05-07T05:36:28.311514

161 / udp

SNMP:
  Uptime: 7481908
  Description: Linux OpenWrt 5.15.151 #0 SMP PREEMPT Fri Mar 15 06:24:06 2024 aarch64
  Versions:
    1
    3
  Name: HeartOfGold
  Ordescr: The MIB module for managing IP and ICMP implementations
  Engineid Format: mac
  Contact: bofh@example.com
  Oruptime: 0
  Engine Boots: 1
  Engineid Data: 04:91:62:be:38:83
  Enterprise: 8072
  Objectid: 1.3.6.1.4.1.8072.3.2.10
  Engine Time: 20:46:58
  Orid: 1.3.6.1.2.1.4
  Location: office

1239662189 | 2024-04-18T05:13:37.979097

873 / tcp

@RSYNCD: 31.0\nzspace         	
@RSYNCD: EXIT

-580463594 | 2024-05-09T12:05:03.417711

3000 / tcp

HTTP/1.1 200 OK
Server: nginx/1.18.0
Date: Thu, 09 May 2024 12:05:04 GMT
Content-Type: text/html
Content-Length: 13738
Last-Modified: Mon, 29 Apr 2024 12:41:35 GMT
Connection: keep-alive
ETag: "662f957f-35aa"
Cache-Control: no-cache, no-store, must-revalidate
Accept-Ranges: bytes

787580219 | 2024-04-19T08:06:29.905677

5005 / tcp

HTTP/1.1 401 Unauthorized
Content-Type: text/plain; charset=utf-8
Www-Authenticate: Basic realm="Restricted"
X-Content-Type-Options: nosniff
Date: Fri, 19 Apr 2024 08:06:29 GMT
Content-Length: 15

-1071019642 | 2024-05-06T23:04:55.849932

8126 / tcp

HTTP/1.1 400 Bad Request
Content-Length: 0
Connection: close
Date: Mon, 06 May 2024 23:04:57 GMT
Server: Kestrel

-1979175224 | 2024-05-09T23:02:50.485826

9993 / tcp

HTTP/1.1 401 Unauthorized
Content-Length: 2
Content-Type: application/json
Keep-Alive: timeout=5, max=5

14.155.222.193

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-40288086 | 2024-05-06T17:18:41.621853
123 / udp

1425918417 | 2024-05-07T05:36:28.311514
161 / udp

net-snmp

1239662189 | 2024-04-18T05:13:37.979097
873 / tcp

rsyncd31.0

-580463594 | 2024-05-09T12:05:03.417711
3000 / tcp

nginx1.18.0

787580219 | 2024-04-19T08:06:29.905677
5005 / tcp

-1071019642 | 2024-05-06T23:04:55.849932
8126 / tcp

-1979175224 | 2024-05-09T23:02:50.485826
9993 / tcp

Products

Pricing

Contact Us

14.155.222.193

Last Seen: 2024-05-09

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-40288086 | 2024-05-06T17:18:41.621853 123 / udp

1425918417 | 2024-05-07T05:36:28.311514 161 / udp

net-snmp

1239662189 | 2024-04-18T05:13:37.979097 873 / tcp

rsyncd31.0

-580463594 | 2024-05-09T12:05:03.417711 3000 / tcp

nginx1.18.0

787580219 | 2024-04-19T08:06:29.905677 5005 / tcp

-1071019642 | 2024-05-06T23:04:55.849932 8126 / tcp

-1979175224 | 2024-05-09T23:02:50.485826 9993 / tcp

Products

Pricing

Contact Us

-40288086 | 2024-05-06T17:18:41.621853
123 / udp

1425918417 | 2024-05-07T05:36:28.311514
161 / udp

1239662189 | 2024-04-18T05:13:37.979097
873 / tcp

-580463594 | 2024-05-09T12:05:03.417711
3000 / tcp

787580219 | 2024-04-19T08:06:29.905677
5005 / tcp

-1071019642 | 2024-05-06T23:04:55.849932
8126 / tcp

-1979175224 | 2024-05-09T23:02:50.485826
9993 / tcp