LeakIX - Host 121.153.49.64

Host 121.153.49.64

South Korea

Korea Telecom

Software information

Webs

tcp/80

Vulnerable HiSilicon family DVR

This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).

Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device

IP: 121.153.49.64
Port: 8000
URL: http://121.153.49.64:8000

First seen 2023-05-17 17:14
Last seen 2024-06-29 21:15
Open for 409 days
- Severity: high
  Fingerprint: 321975614123c6c05f83e99bcb8e72f6fc184637fc184637fc184637fc184637
```
Found HiSiliconDVR firmware:
Hardware: General MBD6016E-E
Vulnerable to multiple issues : LFI, possibly RCE
```
  Found on 2024-06-29 21:15
Create report

Open service 121.153.49.64:80

2024-09-11 18:40

HTTP/1.1 200 OK
Date: Thu, 12 Sep 2024 03:38:16 GMT
Server: Webs
X-Frame-Options: SAMEORIGIN
ETag: "0-bda-1e1"
Content-Length: 481
Content-Type: text/html
Connection: close
Last-Modified: Fri, 08 Jan 2021 08:42:23 GMT


<!doctype html>
<html>
<head>
	<title></title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<meta http-equiv="X-UA-Compatible" content="IE=edge" >
	<meta http-equiv="Pragma" content="no-cache" />
	<meta http-equiv="Cache-Control" content="no-cache, must-revalidate" />
	<meta http-equiv="Expires" content="0" />
</head>
<body>
</body>
<script>
	window.location.href = "./doc/page/login.asp?_" + (new Date()).getTime();
</script>
</html>

Found 2024-09-11 by HttpPlugin

Create report

Domain summary

No record

Host 121.153.49.64

South Korea

Software information

Vulnerable HiSilicon family DVR

Create report

Domain summary