LeakIX - Host 113.161.185.20

Host 113.161.185.20

Vietnam

VNPT Corp

Software information

Boa 0.94.14rc21

tcp/8081

Vulnerable HiSilicon family DVR

This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).

Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device

IP: 113.161.185.20
Port: 81
URL: http://113.161.185.20:81

First seen 2022-05-29 23:25
- Severity: high
  Fingerprint: 321975614123c6c05f83e99b0bea47c0987bc785987bc785987bc785987bc785
```
Found HiSiliconDVR firmware:
Hardware: General ECT7004T-MHV2
Vulnerable to multiple issues : LFI, possibly RCE
```
  Found on 2022-05-29 23:25
Create report

Open service 113.161.185.20:88

2023-01-04 00:14
```
Content-type: text/html
Expires: 0

Page title: NETSurveillance WEB
```
Found 2023-01-04 by HttpPlugin
Create report
Open service 113.161.185.20:88

2023-01-15 04:55
Found 2023-01-15 by HttpPlugin
Create report

Open service 113.161.185.20:81

2023-01-11 19:57

Content-type: text/html
Server: uc-httpd 1.0.0
Expires: 0

Page title: NETSurveillance WEB

Found 2023-01-11 by HttpPlugin

Create report

Open service 113.161.185.20:8081

2022-12-20 17:39

Date: Wed, 21 Dec 2022 00:38:00 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: close
Content-Length: 26928
Last-Modified: Tue, 21 Jun 2022 06:40:54 GMT
Content-Type: text/html

Page title: IP CAMERA

Found 2022-12-20 by HttpPlugin

Create report

Open service 113.161.185.20:88

2023-01-22 21:56
```
Content-type: text/html
Expires: 0

Page title: NETSurveillance WEB
```
Found 2023-01-22 by HttpPlugin
Create report

Open service 113.161.185.20:443

2022-11-27 02:33

Pragma: no-cache
Location: /weblogin.htm
Content-type: text/html

Page title: 302 Document moved

<html>
  <head>
  <title>302 Document moved</title>
  </head>
<body>

This document has moved <A HREF="/weblogin.htm">here</A>.<P>
</body>
</html>

Found 2022-11-27 by HttpPlugin

Create report

Open service 113.161.185.20:81

2022-12-12 15:15

Content-type: text/html
Server: uc-httpd 1.0.0
Expires: 0

Page title: NETSurveillance WEB

Found 2022-12-12 by HttpPlugin

Create report

Open service 113.161.185.20:88

2022-12-11 11:45
```
Content-type: text/html
Expires: 0

Page title: NETSurveillance WEB
```
Found 2022-12-11 by HttpPlugin
Create report

Open service 113.161.185.20:8081

2022-12-08 04:10

Date: Thu, 08 Dec 2022 11:10:26 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: close
Content-Length: 26928
Last-Modified: Tue, 21 Jun 2022 06:40:54 GMT
Content-Type: text/html

Page title: IP CAMERA

Found 2022-12-08 by HttpPlugin

Create report

Open service 113.161.185.20:443

2022-12-07 01:28
Found 2022-12-07 by HttpPlugin
Create report

Fingerprint:

0d710a7c611efd83e560b215a13c55f400cb1b24dc323d233fdd2813a855a971

CN:

Vigor Router

Key:

RSA-2048

Issuer:

Vigor Router

Not before:

2018-08-09 16:34

Not after:

2048-08-08 16:34

Domain summary

No record

Host 113.161.185.20

Vietnam

Software information

Vulnerable HiSilicon family DVR

Domain summary