GeneralInformation

Country	Korea, Republic of
City	Seongnam-si
Organization	SK Broadband Co Ltd
ISP	SK Broadband Co Ltd
ASN	AS9318

WebTechnologies

JavaScript frameworks

JavaScript graphics

JavaScript libraries

UI frameworks

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2020-11023	4.3In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2020-11022	4.3In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
CVE-2019-8331	4.3In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in the tooltip or popover data-template attribute.
CVE-2019-11358	4.3jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
CVE-2018-20677	4.3In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property.
CVE-2018-20676	4.3In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute.
CVE-2018-14042	4.3In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip.
CVE-2018-14040	4.3In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute.
CVE-2016-10735	4.3In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041.
CVE-2015-9251	4.3jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

OpenPorts

21 80 81 443 554 9100

886594524 | 2024-04-24T23:14:55.981316

21 / tcp

220---------- Welcome to Pure-FTPd [privsep] ----------
220-You are user number 1 of 5 allowed.
220-Local time is now 08:10. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
421 Unable to set up secure anonymous FTP
211-Extensions supported:
 EPRT
 IDLE
 MDTM
 SIZE
 MFMT
 REST STREAM
 MLST type*;size*;sizd*;modify*;UNIX.mode*;UNIX.uid*;UNIX.gid*;unique*;
 MLSD
 TVFS
 ESTA
 PASV
 EPSV
 SPSV
 ESTP
211 End.

-319338545 | 2024-04-25T08:53:30.043904

80 / tcp

HTTP/1.0 200 OK
Date: Thu, 25 Apr 2024 08:48:51 GMT
Server: Boa/0.94.13
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization
Connection: close
Content-Length: 31058
Last-Modified: Mon, 02 Jul 2018 13:13:18 GMT
Cache-Control: no-cache,must-revalidate
Content-Type: text/html

1260479577 | 2024-04-24T13:43:11.539134

81 / tcp

HTTP/1.1 405 Method Not Allowed
Server: gSOAP/2.8
Content-Type: text/xml; charset=utf-8
Content-Length: 3420
Connection: close

-319338545 | 2024-04-22T18:10:46.022953

443 / tcp

HTTP/1.0 200 OK
Date: Mon, 22 Apr 2024 18:06:16 GMT
Server: Boa/0.94.13
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Authorization
Connection: close
Content-Length: 31058
Last-Modified: Mon, 02 Jul 2018 13:13:18 GMT
Cache-Control: no-cache,must-revalidate
Content-Type: text/html

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ae:a7:75:b6:f8:de:29:a1
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=CN, ST=Tianjin, O=Tiandy Tech, CN=dvr_ui
        Validity
            Not Before: May  2 05:32:17 2013 GMT
            Not After : Apr 30 05:32:17 2023 GMT
        Subject: C=CN, ST=Tianjin, O=Tiandy Tech, CN=dvr_ui
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:e3:99:5d:0c:48:6a:13:3f:2b:88:c1:48:3d:db:
                    1b:74:27:cd:7d:72:bf:63:5d:d6:61:82:b4:e9:72:
                    42:5f:47:e9:3b:25:37:1d:75:15:c8:b7:16:80:70:
                    e6:c8:6a:72:5e:28:5f:98:e6:87:63:d3:81:0f:91:
                    4f:40:04:98:35:c0:b3:cd:5c:36:ca:75:0b:1c:bd:
                    1d:e6:46:96:4c:d9:57:8d:60:2a:f1:6a:23:3b:63:
                    09:21:b1:95:8a:66:b4:85:94:3f:b8:f5:b3:93:a8:
                    73:39:12:32:41:03:c5:b7:79:f8:fc:68:6e:54:da:
                    54:e4:82:e6:52:ce:fe:9e:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                7C:2B:AB:F6:7C:76:A8:7E:FC:80:3D:1F:E0:BC:CF:99:B4:E4:B1:B2
            X509v3 Authority Key Identifier: 
                7C:2B:AB:F6:7C:76:A8:7E:FC:80:3D:1F:E0:BC:CF:99:B4:E4:B1:B2
            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        a9:ba:57:cd:c9:e0:7b:7e:f1:f7:98:f4:98:5e:b4:52:8f:8f:
        72:8e:78:6f:1b:62:b6:73:b2:48:16:78:be:64:ac:be:c4:a8:
        2c:27:e0:b2:93:18:80:f4:8f:d7:b0:d8:50:0a:44:a1:a1:9f:
        21:3b:76:ad:55:d9:af:87:e1:f2:4d:4b:2c:2a:fd:51:0d:03:
        55:38:b0:60:ae:12:47:31:6b:1d:2f:a6:c0:49:9c:e7:0a:c9:
        ef:a3:25:e1:1c:12:f5:b5:64:02:f6:95:60:7d:04:83:65:27:
        0d:5b:b3:bb:c0:28:f4:bc:70:b2:af:c1:c6:f6:71:0a:33:1b:
        e9:2f

1029513915 | 2024-04-24T21:22:49.336417

554 / tcp

RTSP/1.0 200 OK
CSeq: 1
Date: Thu, 25 Apr 2024 06:18:13 GMT
Public: OPTIONS, DESCRIBE, SETUP, TEARDOWN, PLAY, SET_PARAMETER, GET_PARAMETER
Server: RTSP Server

-57954756 | 2024-04-09T07:01:10.292499

9100 / tcp

HTTP/1.0 200 OK
Cache-Control: no-store

218.54.143.243

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

886594524 | 2024-04-24T23:14:55.981316
21 / tcp

Pure-FTPd

-319338545 | 2024-04-25T08:53:30.043904
80 / tcp

Boa HTTPd0.94.13

1260479577 | 2024-04-24T13:43:11.539134
81 / tcp

gSOAP soap2.8

-319338545 | 2024-04-22T18:10:46.022953
443 / tcp

Boa HTTPd0.94.13

1029513915 | 2024-04-24T21:22:49.336417
554 / tcp

-57954756 | 2024-04-09T07:01:10.292499
9100 / tcp

Products

Pricing

Contact Us

218.54.143.243

Last Seen: 2024-04-25

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

886594524 | 2024-04-24T23:14:55.981316 21 / tcp

Pure-FTPd

-319338545 | 2024-04-25T08:53:30.043904 80 / tcp

Boa HTTPd0.94.13

1260479577 | 2024-04-24T13:43:11.539134 81 / tcp

gSOAP soap2.8

-319338545 | 2024-04-22T18:10:46.022953 443 / tcp

Boa HTTPd0.94.13

1029513915 | 2024-04-24T21:22:49.336417 554 / tcp

-57954756 | 2024-04-09T07:01:10.292499 9100 / tcp

Products

Pricing

Contact Us

886594524 | 2024-04-24T23:14:55.981316
21 / tcp

-319338545 | 2024-04-25T08:53:30.043904
80 / tcp

1260479577 | 2024-04-24T13:43:11.539134
81 / tcp

-319338545 | 2024-04-22T18:10:46.022953
443 / tcp

1029513915 | 2024-04-24T21:22:49.336417
554 / tcp

-57954756 | 2024-04-09T07:01:10.292499
9100 / tcp