GeneralInformation

Hostnames	revskill.synology.me esxi.szwilliam.top
Domains	synology.me szwilliam.top
Country	China
City	Shenzhen
Organization	CHINANET Guangdong province network
ISP	CHINANET-BACKBONE
ASN	AS4134

WebTechnologies

JavaScript frameworks

Network storage

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-41741	Exposure of sensitive information to an unauthorized actor vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to obtain sensitive information via unspecified vectors.
CVE-2023-41740	Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in cgi component in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote attackers to read specific files via unspecified vectors.
CVE-2023-41739	Uncontrolled resource consumption vulnerability in File Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to conduct denial-of-service attacks via unspecified vectors.
CVE-2023-41738	Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in Directory Domain Functionality in Synology Router Manager (SRM) before 1.3.1-9346-6 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
CVE-2023-32956	Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2023-32955	Improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in DHCP Client Functionality in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows man-in-the-middle attackers to execute arbitrary commands via unspecified vectors.
CVE-2023-2729	Use of insufficiently random values vulnerability in User Management Functionality in Synology DiskStation Manager (DSM) before 7.2-64561 allows remote attackers to obtain user credential via unspecified vectors.
CVE-2023-0142	Uncontrolled search path element vulnerability in Backup Management Functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to read or write arbitrary files via unspecified vectors.
CVE-2023-0077	Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors.
CVE-2022-43932	Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to read arbitrary files via unspecified vectors.

OpenPorts

53 2222 5001 8000 10443

1301534235 | 2024-05-07T08:11:36.634957

53 / tcp

DNSServer
Resolver name: MiUnlock

-1547840887 | 2024-05-07T18:03:39.143373

2222 / tcp

SSH-2.0-OpenSSH_8.2p1 Ubuntu-4ubuntu0.11
Key type: ssh-rsa
Key: AAAAB3NzaC1yc2EAAAADAQABAAABgQDOtgdlpHDPZ1Tz88Su1cbbBkkV91JFF+yJt3IBnPmIc9HW
hWsZ40xz1UF5n8D8lzQAA0sAWZLEf3BhZGDePvacpHhTVKNt5/QWuhOxAycitVzj8kuqN4Ai7QtH
Ia4J/Wfs3WBclCKjx2Pa+PGfnKz/iVxnePbrUzx14gp9tXBrZw2afVl8wZYetGHTW1/nKXPvkwfK
C/35CvBHzZJwuUUh8af3XW6F0L6mUpzQo+3QHXQc9plBLm4IU6IUko3GGPBrEsr/XjqimK/7nzXy
Mqa0WWO37RNvLlxlfEI3C3/mVGdh5sQVTW5JBjgq9JkPARkAemnaHBMe6AP8m6Riw0tFI2eiuWyL
0jOohX3vqMF/lOM3ITm22rXrWdwvE+O9OACZjHl+QqOyobbDwgT1O6H/IRw/ccdWp40TNei0x9Zr
TaWCq6c+6tVfe3/+7oT2oafXB3mv1SR4NKdjyK/eQRYJ2APfQnpfBn9ubw4zrQw7A7HqtJl4K8iC
FkyoC3FwIAs=
Fingerprint: 27:a2:27:22:fe:d4:0b:b3:ef:b5:c2:58:2c:86:ec:fa

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ssh-rsa
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

1403534861 | 2024-05-07T11:40:56.250566

5001 / tcp

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 11:40:54 GMT
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"


Synology DiskStation Manager (DSM):
  Version: 7.1.1-42962
  Hostname: REVSKILL
  Custom Login Title: REVSKILL
  Login Welcome Title: REVSKILL
  Login Welcome Message: Welcome

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:de:d4:8c:30:b6:a9:9f:2a:69:50:f2:62:a4:a1:b7:c0:68
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R3
        Validity
            Not Before: Apr  6 12:55:15 2024 GMT
            Not After : Jul  5 12:55:14 2024 GMT
        Subject: CN=revskill.synology.me
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:f0:a7:4b:80:0a:0e:74:4f:1c:01:42:22:a2:bc:
                    fd:86:10:3e:a8:5a:0a:fa:d5:73:2c:b4:03:46:07:
                    e6:f0:f9:5d:7f:ff:80:e0:63:00:6f:b2:83:a4:f5:
                    05:fd:18:89:91:b1:55:a1:19:4e:f5:83:23:96:4d:
                    ea:2e:20:0b:a2
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                4E:E1:59:A3:81:45:BE:90:6A:57:AA:87:1B:64:CA:B7:6E:C0:17:51
            X509v3 Authority Key Identifier: 
                14:2E:B3:17:B7:58:56:CB:AE:50:09:40:E6:1F:AF:9D:8B:14:C2:C6
            Authority Information Access: 
                OCSP - URI:http://r3.o.lencr.org
                CA Issuers - URI:http://r3.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:revskill.synology.me
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Apr  6 13:55:15.067 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:3A:05:CF:F1:D9:08:3E:CF:66:EC:85:99:
                                6D:0B:6F:24:C0:36:52:05:19:F3:5D:94:71:78:3A:19:
                                1B:21:BE:72:02:21:00:C3:58:FF:3B:21:FF:68:16:80:
                                90:D9:15:3E:6B:E0:92:04:83:0C:62:3F:D0:1E:99:E5:
                                36:C3:18:D5:28:68:25
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Apr  6 13:55:15.063 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:07:F0:43:EE:4B:4B:7F:AE:C7:D3:CD:59:
                                FD:F5:1C:99:C6:6A:7E:C9:A2:43:8A:54:35:A7:0A:C1:
                                25:54:82:1F:02:21:00:CD:5F:9F:E7:C3:B7:71:4C:DB:
                                83:FF:AC:A6:89:89:CB:06:C6:96:08:FE:D6:A7:94:76:
                                8D:1B:7B:25:BF:3B:B3
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        48:c5:7b:7a:16:4c:38:91:f0:c0:a4:63:fc:c9:a3:61:e1:e6:
        b1:c2:c5:84:ae:5c:52:28:dc:69:c2:a4:62:6a:d9:f2:9a:a3:
        44:04:f8:a6:b9:02:c9:ef:43:5f:bc:12:32:48:5e:39:e6:01:
        be:51:1e:5e:59:c9:28:a5:48:84:93:99:cc:ae:1b:44:3c:2f:
        ce:43:32:5a:3e:aa:ea:02:a6:70:bc:b8:27:d9:fa:9c:12:54:
        85:c6:c7:6f:e9:df:33:be:7a:41:4e:de:e9:1d:2c:42:80:16:
        bc:88:fa:93:63:d1:2a:e0:c7:94:08:42:80:0c:73:09:ca:29:
        97:4a:87:b5:28:59:d7:12:4e:82:b7:dc:bc:6d:58:f5:de:b9:
        c4:fb:75:5b:b1:f5:ed:a5:4a:2b:9a:4e:0f:b0:68:1d:71:e3:
        d9:d9:15:78:71:86:c0:b0:61:7b:6a:db:b4:31:8d:4c:8d:79:
        a3:1f:d1:52:0c:92:27:ab:3f:72:fd:53:1a:70:51:f1:48:12:
        ae:f3:c6:54:d0:66:7b:12:48:40:41:0f:a7:44:0a:d6:7f:8b:
        8a:9a:78:ca:85:74:43:53:03:b6:62:a0:95:81:ab:25:09:b6:
        e9:c4:79:4b:f2:f5:7e:92:c2:df:74:07:3c:6e:1a:12:86:9e:
        5a:e6:e4:76

-461881730 | 2024-05-07T02:25:45.600533

8000 / tcp

HTTP/1.1 200 OK
Date: Tue, 07 May 2024 02:25:45 GMT
Server: Apache
Cache-control: no-store
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/html; charset="UTF-8"


Synology Router Manager (SRM):
  Version: 1.3.1-9346
  Hostname: MiUnlock
  Custom Login Title: MiUnlock

-2090962452 | 2024-05-04T05:41:09.962622

10443 / tcp

HTTP/1.1 404 Not Found
Date: Sat, 04 May 2024 05:41:09 GMT
Content-Type: text/html
Content-Length: 548
Connection: keep-alive
Keep-Alive: timeout=20

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            c5:3b:44:10:32:e4:9b:32:62:11:dd:d8:5a:59:b7:bb
        Signature Algorithm: sha384WithRSAEncryption
        Issuer: C=CN, O=TrustAsia Technologies, Inc., CN=TrustAsia RSA DV TLS CA G2
        Validity
            Not Before: Dec 20 00:00:00 2023 GMT
            Not After : Dec 19 23:59:59 2024 GMT
        Subject: CN=esxi.szwilliam.top
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:bb:6a:5f:c3:9e:5d:a9:c3:6c:88:ab:b9:6a:59:
                    82:f3:50:ab:2b:2d:0f:17:1b:3d:bc:a1:37:7b:52:
                    ff:17:6c:35:73:bf:91:04:da:00:5e:ff:48:d1:80:
                    54:27:09:71:0c:d2:28:8b:ee:a7:e5:95:ec:bb:34:
                    5e:3c:ec:1d:23:5d:8e:2e:11:e7:25:bf:ae:e9:be:
                    8b:ad:fb:f9:1c:45:52:d5:43:6f:db:1c:40:de:7c:
                    01:14:d3:7e:67:5c:99:d0:50:70:c3:13:9c:c4:07:
                    b0:2f:4a:1e:d0:2d:af:da:5d:7e:98:20:03:ac:63:
                    f1:70:24:17:74:bb:de:fe:83:3f:75:fa:88:ca:3a:
                    84:04:72:da:23:fa:92:c5:34:37:71:86:85:31:12:
                    41:b2:f9:10:a8:92:9e:aa:38:e2:e5:6c:c8:12:c7:
                    d5:9a:25:8c:9d:38:da:f9:76:56:32:d3:33:3e:a2:
                    d4:50:d4:ff:f5:b3:76:8e:f0:97:7a:4c:70:b1:44:
                    71:f5:ab:3d:61:64:b6:2a:49:2c:2a:71:d3:f4:c9:
                    4d:47:4e:c0:7e:5d:05:d0:b1:45:11:8a:eb:42:40:
                    bd:8d:ff:8b:68:ed:61:4c:76:5d:2e:a5:e6:08:9e:
                    c8:b1:36:49:f7:63:8f:59:4d:01:f8:ab:c9:ec:03:
                    5c:bd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                5F:3A:7C:11:10:7E:0C:67:71:61:DC:8B:A3:B5:00:03:67:F5:57:1C
            X509v3 Subject Key Identifier: 
                66:63:A5:41:3B:DA:CB:5F:CC:91:D3:CF:C6:0D:A7:C4:92:21:FB:61
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.6449.1.2.2.49
                  CPS: https://sectigo.com/CPS
                Policy: 2.23.140.1.2.1
            Authority Information Access: 
                CA Issuers - URI:http://crt.trust-provider.cn/TrustAsiaRSADVTLSCAG2.crt
                OCSP - URI:http://ocsp.trust-provider.cn
            X509v3 Subject Alternative Name: 
                DNS:esxi.szwilliam.top
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 76:FF:88:3F:0A:B6:FB:95:51:C2:61:CC:F5:87:BA:34:
                                B4:A4:CD:BB:29:DC:68:42:0A:9F:E6:67:4C:5A:3A:74
                    Timestamp : Dec 20 04:03:46.918 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:83:7E:BF:F7:2D:06:50:5C:2A:D2:7E:
                                D3:5C:84:E5:BC:2D:5A:E4:D6:22:B8:76:8D:D0:36:C4:
                                D3:AC:6A:42:72:02:20:05:09:5F:3F:69:A0:A5:38:D4:
                                02:6C:60:70:70:BC:26:AC:99:34:7A:29:32:60:9A:F9:
                                43:14:4F:5C:C0:38:FE
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 3F:17:4B:4F:D7:22:47:58:94:1D:65:1C:84:BE:0D:12:
                                ED:90:37:7F:1F:85:6A:EB:C1:BF:28:85:EC:F8:64:6E
                    Timestamp : Dec 20 04:03:46.836 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:35:6D:72:79:2D:21:2E:2E:43:C7:09:00:
                                68:A9:D2:F4:8B:57:C1:2D:29:F9:97:A6:E5:35:18:20:
                                53:C3:B3:00:02:21:00:9A:A1:D6:FB:6B:48:54:B0:C4:
                                D1:66:02:68:8F:8D:7F:FF:40:28:64:88:A9:90:5D:7B:
                                D8:DB:77:B0:F8:1A:E7
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : EE:CD:D0:64:D5:DB:1A:CE:C5:5C:B7:9D:B4:CD:13:A2:
                                32:87:46:7C:BC:EC:DE:C3:51:48:59:46:71:1F:B5:9B
                    Timestamp : Dec 20 04:03:46.815 2023 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:67:DC:D4:FD:B5:31:1C:84:EF:E6:49:BD:
                                CC:B9:80:48:0C:A2:21:1F:F0:46:1E:5B:70:F7:83:A1:
                                67:5C:25:51:02:21:00:E9:2B:9B:E4:21:6E:4B:05:4E:
                                06:A9:08:D7:30:E7:B4:C6:54:E0:12:92:66:37:F3:26:
                                FD:6B:52:F8:5E:39:96
    Signature Algorithm: sha384WithRSAEncryption
    Signature Value:
        67:f7:6b:78:f4:c9:10:10:97:51:88:eb:94:00:e4:ea:1e:c5:
        1f:6a:51:73:5c:78:0c:ba:92:ca:00:52:6a:31:fe:ab:19:bb:
        62:7a:4f:5b:22:96:2a:58:b3:b2:9d:75:de:75:d7:86:41:53:
        9c:e6:a2:39:ae:d7:e9:64:2e:68:2e:4a:38:da:51:a9:a0:80:
        31:c5:f5:fc:d2:e7:74:97:71:34:6c:4d:f5:d3:86:08:17:31:
        0f:7d:f0:92:f6:09:de:86:45:00:a5:34:a1:1b:c5:10:88:2c:
        e8:e6:11:21:55:6c:89:3b:b5:a8:d9:2a:f7:0c:f6:c1:95:5a:
        23:fd:df:74:66:e5:ea:fb:f4:bc:4f:b6:9a:7b:9a:a9:e9:1c:
        71:10:9b:21:f0:71:2f:78:88:77:e3:8f:85:cb:d1:be:f2:3a:
        8b:80:71:6c:6e:bb:21:df:47:bc:6c:32:da:f8:ef:69:f4:ca:
        d1:4a:05:51:fc:f0:17:16:f7:64:20:e1:c8:9c:4f:0e:3b:1f:
        c1:88:57:c3:2a:98:71:d7:78:38:af:41:d8:4d:95:e1:13:82:
        98:e4:44:be:3e:bd:bd:0b:9f:2d:fc:33:ec:20:8f:bd:b8:20:
        4f:09:54:a8:dd:cc:cf:29:e8:98:4e:e6:f0:2c:fc:f8:43:3c:
        76:2f:31:2e:80:c5:af:63:46:ac:ff:09:2b:01:46:ad:ef:10:
        b1:c5:6f:25:84:f3:47:3f:ac:2b:8b:f6:94:71:28:bc:28:75:
        59:1a:71:8f:0a:74:2f:8b:b4:5a:b2:4e:bc:e3:05:e8:0b:78:
        1f:84:3f:78:65:ea:a1:8e:f6:e5:5a:a8:ca:84:2e:0e:16:d9:
        31:9b:4e:0a:91:9c:2b:b8:6b:25:68:f0:da:ee:a0:52:b5:07:
        5a:b8:16:14:20:7e:02:db:5e:fa:52:63:93:77:05:03:58:09:
        89:48:bd:65:2c:db:94:33:a9:f9:f3:31:11:9a:e3:0b:1e:7c:
        93:06:25:00:2f:cb

14.155.222.213

Last Seen: 2024-05-07

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1301534235 | 2024-05-07T08:11:36.634957
53 / tcp

-1547840887 | 2024-05-07T18:03:39.143373
2222 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1403534861 | 2024-05-07T11:40:56.250566
5001 / tcp

nginx

-461881730 | 2024-05-07T02:25:45.600533
8000 / tcp

Apache httpd

-2090962452 | 2024-05-04T05:41:09.962622
10443 / tcp

Products

Pricing

Contact Us

14.155.222.213

Last Seen: 2024-05-07

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

1301534235 | 2024-05-07T08:11:36.634957 53 / tcp

-1547840887 | 2024-05-07T18:03:39.143373 2222 / tcp

OpenSSH8.2p1 Ubuntu-4ubuntu0.11

1403534861 | 2024-05-07T11:40:56.250566 5001 / tcp

nginx

-461881730 | 2024-05-07T02:25:45.600533 8000 / tcp

Apache httpd

-2090962452 | 2024-05-04T05:41:09.962622 10443 / tcp

Products

Pricing

Contact Us

1301534235 | 2024-05-07T08:11:36.634957
53 / tcp

-1547840887 | 2024-05-07T18:03:39.143373
2222 / tcp

1403534861 | 2024-05-07T11:40:56.250566
5001 / tcp

-461881730 | 2024-05-07T02:25:45.600533
8000 / tcp

-2090962452 | 2024-05-04T05:41:09.962622
10443 / tcp