GeneralInformation

Country	China
City	Hefei
Organization	CHINANET Anhui province network
ISP	CHINANET-BACKBONE
ASN	AS4134

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2021-23017	6.8A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.

OpenPorts

53 2086 2121 8500 8888 9000 30003

-553166942 | 2024-05-04T08:38:35.834907

53 / udp

Recursion: enabled

-401895384 | 2024-04-29T03:13:31.700807

2086 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 32
Connection: keep-alive

-1315791722 | 2024-05-06T02:24:12.618310

2121 / tcp

220 37 FTP server (MikroTik 6.44.2) ready
530 Login incorrect
500 'HELP': command not understood
500 'FEAT': command not understood

1417183425 | 2024-04-19T23:25:46.235966

8500 / tcp

HTTP/1.1 407 OK
Date: Wed, 20 Jan 2021 05:55:41 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 32
Connection: keep-alive

please add white ip 224.175.160.106

-1519255586 | 2024-05-02T14:48:01.341999

8888 / tcp

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Length: 7065
Content-Type: text/html
Date: Thu, 02 May 2024 14:48:00 GMT
Expires: 0


MikroTik RouterOS:
  Version: 6.44.2

-746088713 | 2024-04-22T04:14:06.230719

9000 / tcp

HTTP/1.1 407 Proxy Authentication Required
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 22 Apr 2024 04:14:05 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Proxy-Authenticate: Basic realm="Test Authentication System"

0

-710295549 | 2024-04-24T04:54:10.022714

30003 / tcp

HTTP/1.1 403 Forbidden
Content-Length: 0

183.166.90.223

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-553166942 | 2024-05-04T08:38:35.834907
53 / udp

-401895384 | 2024-04-29T03:13:31.700807
2086 / tcp

-1315791722 | 2024-05-06T02:24:12.618310
2121 / tcp

MikroTik router ftpd6.44.2

1417183425 | 2024-04-19T23:25:46.235966
8500 / tcp

-1519255586 | 2024-05-02T14:48:01.341999
8888 / tcp

-746088713 | 2024-04-22T04:14:06.230719
9000 / tcp

nginx1.18.0

-710295549 | 2024-04-24T04:54:10.022714
30003 / tcp

TRENDnet TV-IP110W webcam display httpd

Products

Pricing

Contact Us

183.166.90.223

Last Seen: 2024-05-06

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-553166942 | 2024-05-04T08:38:35.834907 53 / udp

-401895384 | 2024-04-29T03:13:31.700807 2086 / tcp

-1315791722 | 2024-05-06T02:24:12.618310 2121 / tcp

MikroTik router ftpd6.44.2

1417183425 | 2024-04-19T23:25:46.235966 8500 / tcp

-1519255586 | 2024-05-02T14:48:01.341999 8888 / tcp

-746088713 | 2024-04-22T04:14:06.230719 9000 / tcp

nginx1.18.0

-710295549 | 2024-04-24T04:54:10.022714 30003 / tcp

TRENDnet TV-IP110W webcam display httpd

Products

Pricing

Contact Us

-553166942 | 2024-05-04T08:38:35.834907
53 / udp

-401895384 | 2024-04-29T03:13:31.700807
2086 / tcp

-1315791722 | 2024-05-06T02:24:12.618310
2121 / tcp

1417183425 | 2024-04-19T23:25:46.235966
8500 / tcp

-1519255586 | 2024-05-02T14:48:01.341999
8888 / tcp

-746088713 | 2024-04-22T04:14:06.230719
9000 / tcp

-710295549 | 2024-04-24T04:54:10.022714
30003 / tcp