Apache 2.2.22
tcp/84
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b5905cd03664d4478664d4478664d4478664d4478
Found HiSiliconDVR firmware: Hardware: NOCRYPO AHD9708H_H Vulnerable to multiple issues : LFI, possibly RCE
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b5905cd03664d4478664d4478664d4478664d4478
Found HiSiliconDVR firmware: Hardware: NOCRYPO AHD9708H_H Vulnerable to multiple issues : LFI, possibly RCE
Open service 110.232.87.2:84
2024-06-20 21:45
HTTP/1.1 200 OK Date: Thu, 20 Jun 2024 21:45:40 GMT Server: Apache/2.2.22 (Fedora) X-Powered-By: PHP/5.3.13 Set-Cookie: PHPSESSID=kf8nl1n4k9iqjmgga5mrulbls6; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Content-Length: 2132 Connection: close Content-Type: text/html; charset=UTF-8 Page title: AIG Life Information System <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head> <title>AIG Life Information System</title> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <link rel="stylesheet" type="text/css" media="screen" href="/public/styles/style.css" /> <script type="text/javascript" src="/public/scripts/number.js"></script> <script type="text/javascript" src="/public/scripts/jquery.js"></script> <script type="text/javascript" src="/public/scripts/jquery.jqURL.js"></script> <script type="text/javascript" src="/public/scripts/jquery.upper.js"></script> <script type="text/javascript" src="/public/scripts/form.js"></script> </head> <script type="text/javascript"> $(document).ready(function(){ $("#username").focus(); }); </script> <body> <div id="content"> <div id="banner"> <img src="/public/images/aig-logo.gif" alt="Aig Life logo" /> <h1>Life Information System</h1> </div> <div id="login"> <form action="/index/login" method="POST"> <div id="row" style="height:40px"> <div class="field" style="width:80px;">Username</div> <div class="field" style="width:10;">:</div> <div class="field" style="width:100px;"> <input type="text" name="username" id="username" value="" size="20"> </div> </div> <div id="row" style="height:40px"> <div class="field" style="width:80px;">Password</div> <div class="field" style="width:10;">:</div> <div class="field" style="width:100px;"> <input type="password" name="password" id="password" value="" size="20"> </div> </div> <div id="row" style="height:40px"> <div class="field"> <input type="submit" name="submit" id="submit" value="Login"> </div> </div> </form> </div> <div id="footer"> © 2007 AIG Life Information System </div> </div> </body> </html>
Open service 110.232.87.2:443
2024-06-15 12:33
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /> <blockquote>Hint: <a href="https://www.josephinexcellent.com/"><b>https://www.josephinexcellent.com/</b></a></blockquote></p> <hr> <address>Apache/2.2.22 (Fedora) Server at www.josephinexcellent.com Port 443</address> </body></html>
Open service 110.232.87.2:3306
2024-06-13 19:42
MySQL detected