GeneralInformation

Country	China
City	Hangzhou
Organization	Hangzhou Zhongce Qingquan Industrial Company Limited
ISP	CHINANET-BACKBONE
ASN	AS4134

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

CVE-2023-44487	The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
CVE-2021-3618	5.8ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic from one subdomain to another, resulting in a valid TLS session. This breaks the authentication of TLS and cross-protocol attacks may be possible where the behavior of one protocol service may compromise the other at the application layer.
CVE-2020-1938	7.5When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible.

OpenPorts

80 81 1883 2181 4433 8009 8090 8888 9001

-1268766932 | 2024-05-02T10:23:40.531448

80 / tcp

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Accept-Ranges: bytes
ETag: W/"1558-1661909371000"
Last-Modified: Wed, 31 Aug 2022 01:29:31 GMT
Content-Type: text/html
Content-Length: 1558
Date: Thu, 02 May 2024 10:23:40 GMT

-674555174 | 2024-04-30T13:27:39.802708

81 / tcp

HTTP/1.1 200 OK
Server:  
Date: Tue, 30 Apr 2024 13:28:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 30 Apr 2024 13:28:33 GMT

-1278912815 | 2024-05-04T13:27:28.595465

1883 / tcp

MQTT Connection Code: 5

Topics:

-1697609656 | 2024-05-04T06:37:31.763884

2181 / tcp

Zookeeper version: 3.4.14-4c25d480e66aadd371de8bd2fd8da255ac140bcf, built on 03/06/2019 16:18 GMT
Clients:
 /104.152.52.216:46472[1](queued=0,recved=0,sent=0)
 /104.152.52.222:56222[1](queued=0,recved=0,sent=0)
 /224.69.17.43:51856[0](queued=0,recved=1,sent=0)
 /104.152.52.141:40557[1](queued=0,recved=0,sent=0)
 /104.152.52.226:41978[1](queued=0,recved=0,sent=0)
 /127.0.0.1:47756[1](queued=0,recved=555232,sent=555250)
 /171.188.42.72:50734[1](queued=0,recved=740170,sent=740188)
 /104.152.52.191:57729[1](queued=0,recved=0,sent=0)
 /171.188.42.72:50744[1](queued=0,recved=740042,sent=740042)
 /104.152.52.99:55792[1](queued=0,recved=0,sent=0)
 /104.152.52.221:47705[1](queued=0,recved=0,sent=0)
 /104.152.52.215:48407[1](queued=0,recved=0,sent=0)
 /104.152.52.222:41155[1](queued=0,recved=0,sent=0)
 /104.152.52.96:54883[1](queued=0,recved=0,sent=0)

Latency min/avg/max: 0/0/292
Received: 2035729
Sent: 2035758
Connections: 14
Outstanding: 0
Zxid: 0xe03
Mode: standalone
Node count: 68

-645904997 | 2024-04-20T02:57:57.453777

4433 / tcp

HTTP/1.1 200 OK
Server:  
Date: Sat, 20 Apr 2024 02:58:44 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 6458
Connection: keep-alive
X-Frame-Options: sameorigin
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: private, proxy-revalidate no-transform
Pragma: private, proxy-revalidate, no-transform

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            8b:03:fb:02:19:fa:fe:3d
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=cn, ST=guangdong, L=shenzhen, O=sangfor, OU=sf, CN=sangfor.com
        Validity
            Not Before: Feb  8 13:26:02 2024 GMT
            Not After : Feb  7 13:26:02 2025 GMT
        Subject: C=cn, ST=guangdong, O=sangfor, OU=af, CN=SANGFOR
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ef:a1:c4:6e:00:d8:e9:44:e4:74:b5:c4:d8:79:
                    99:e2:57:a2:46:58:b2:91:c9:3e:68:a5:f9:18:1a:
                    e9:ad:1c:32:4b:bb:83:ee:89:c0:3c:52:cf:06:47:
                    82:cb:8c:97:39:e6:4b:a6:7a:5d:9d:89:8f:c0:34:
                    27:45:e9:4c:84:94:1a:48:3e:e4:4b:dc:a8:b8:a8:
                    99:6d:91:36:42:30:b9:de:e5:7d:3e:e2:6e:de:88:
                    de:83:28:e3:5d:b2:b3:1e:fb:20:60:d4:dc:a0:ac:
                    75:91:c2:0e:dd:cb:27:70:a7:57:b9:1b:a6:15:c4:
                    ad:e9:f3:98:7c:b8:f2:c6:9f:4b:75:7a:97:7a:b3:
                    c3:fe:f8:40:92:32:0b:a3:49:ea:cb:71:9b:51:8c:
                    f5:87:ca:a6:6b:3e:d8:e5:9a:7e:9d:9f:21:8c:db:
                    81:95:f9:b1:40:61:34:8a:cf:5b:0c:80:94:7f:7c:
                    0a:a8:17:03:7c:5e:93:93:76:90:a8:e8:5e:0b:f7:
                    0f:02:39:ed:c6:21:e7:f3:1c:c7:43:ff:cd:10:cd:
                    c9:5d:9e:7e:40:db:d2:18:1e:ce:b5:b6:c7:f4:c0:
                    f5:9d:74:15:d0:c6:ed:8b:d3:2c:5a:b5:4c:c4:43:
                    5b:6f:11:ef:b2:2d:ed:4c:ac:16:04:ef:9a:15:4d:
                    1b:35
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: 
                Digital Signature, Non Repudiation, Key Encipherment
            X509v3 Subject Alternative Name: 
                IP Address:10.251.251.251, DNS:10.251.251.251
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        54:1c:df:0d:91:03:d8:f2:d4:a7:a6:b0:6a:8b:6f:cb:24:19:
        5e:c4:a1:e7:8c:04:3f:de:83:cf:d4:f8:07:37:df:c4:5b:9b:
        f1:9d:73:a4:b7:6b:99:8b:ec:77:81:fb:9b:88:d5:02:a8:0b:
        8e:d2:c3:8f:57:9c:7c:99:96:69:06:4e:5b:ca:9e:c3:a6:f3:
        81:7e:a1:53:30:16:72:4a:dd:8a:37:89:f7:dd:c3:b1:da:7c:
        49:79:ca:66:08:35:04:72:7b:e5:00:72:62:d3:37:c3:f9:fd:
        84:09:1d:a4:80:b2:c9:71:0b:0c:d3:91:c8:56:0e:68:29:27:
        66:e8:a0:33:c2:a3:c5:e4:66:be:d6:78:21:7a:d7:ac:80:19:
        30:16:d8:99:be:ba:96:7d:30:72:00:2d:6e:e7:f7:40:d7:8e:
        3e:45:0a:90:1e:ac:34:5b:1e:6e:f9:2f:ef:16:58:38:2e:b6:
        83:34:09:13:8a:45:c4:e3:a3:55:e1:53:65:9c:2a:d3:56:a3:
        68:97:97:dc:eb:e3:45:f4:36:a6:70:6e:e6:f4:62:00:f6:23:
        81:d6:8a:c3:f7:92:ca:2a:48:ef:6a:80:d9:4d:1f:3b:57:7c:
        c1:90:7e:84:27:13:6d:7a:94:2f:cf:84:16:62:40:2d:f9:a5:
        fc:4d:b7:a6

32382133 | 2024-05-05T20:56:15.366797

8009 / tcp

<html><head><title>Apache Tomcat/7.0.52 - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 404 - /asdadadas</h1><HR size="1" noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b> <u>/asdadadas</u></p><p><b>description</b> <u>The requested resource is not available.</u></p><HR size="1" noshade="noshade"><h3>Apache Tomcat/7.0.52</h3></body></html>

649940489 | 2024-04-26T07:00:50.433949

8090 / tcp

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Access-Control-Max-Age: 3628800
Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, X-Token, lang
Access-Control-Expose-Headers: *
Set-Cookie: JSESSIONID=3CA06E8A0468773756AC539DF7444A22; Path=/; HttpOnly
Content-Type: text/html;charset=utf-8
Content-Length: 200
Date: Fri, 26 Apr 2024 07:00:50 GMT

796505379 | 2024-05-04T01:08:15.810053

8888 / tcp

HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 88
Server: ICS-HttpServer-8.58

-526572562 | 2024-04-28T09:53:24.646836

9001 / tcp

HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Sun, 28 Apr 2024 09:53:08 GMT
Content-Type: text/html
Content-Length: 153
Connection: keep-alive

<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx/1.20.2</center>
</body>
</html>

122.224.118.26

Last Seen: 2024-05-05

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1268766932 | 2024-05-02T10:23:40.531448
80 / tcp

Apache Tomcat/Coyote JSP engine1.1

-674555174 | 2024-04-30T13:27:39.802708
81 / tcp

-1278912815 | 2024-05-04T13:27:28.595465
1883 / tcp

MQTT

-1697609656 | 2024-05-04T06:37:31.763884
2181 / tcp

-645904997 | 2024-04-20T02:57:57.453777
4433 / tcp

32382133 | 2024-05-05T20:56:15.366797
8009 / tcp

Apache Tomcat7.0.52

649940489 | 2024-04-26T07:00:50.433949
8090 / tcp

796505379 | 2024-05-04T01:08:15.810053
8888 / tcp

-526572562 | 2024-04-28T09:53:24.646836
9001 / tcp

nginx1.20.2

Products

Pricing

Contact Us

122.224.118.26

Last Seen: 2024-05-05

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

-1268766932 | 2024-05-02T10:23:40.531448 80 / tcp

Apache Tomcat/Coyote JSP engine1.1

-674555174 | 2024-04-30T13:27:39.802708 81 / tcp

-1278912815 | 2024-05-04T13:27:28.595465 1883 / tcp

MQTT

-1697609656 | 2024-05-04T06:37:31.763884 2181 / tcp

-645904997 | 2024-04-20T02:57:57.453777 4433 / tcp

32382133 | 2024-05-05T20:56:15.366797 8009 / tcp

Apache Tomcat7.0.52

649940489 | 2024-04-26T07:00:50.433949 8090 / tcp

796505379 | 2024-05-04T01:08:15.810053 8888 / tcp

-526572562 | 2024-04-28T09:53:24.646836 9001 / tcp

nginx1.20.2

Products

Pricing

Contact Us

-1268766932 | 2024-05-02T10:23:40.531448
80 / tcp

-674555174 | 2024-04-30T13:27:39.802708
81 / tcp

-1278912815 | 2024-05-04T13:27:28.595465
1883 / tcp

-1697609656 | 2024-05-04T06:37:31.763884
2181 / tcp

-645904997 | 2024-04-20T02:57:57.453777
4433 / tcp

32382133 | 2024-05-05T20:56:15.366797
8009 / tcp

649940489 | 2024-04-26T07:00:50.433949
8090 / tcp

796505379 | 2024-05-04T01:08:15.810053
8888 / tcp

-526572562 | 2024-04-28T09:53:24.646836
9001 / tcp