LeakIX - Host 122.117.208.23

Host 122.117.208.23

Taiwan

Data Communication Business Group

Software information

Apache Apache

tcp/5005 tcp/5006

nginx nginx

tcp/5000

Vulnerable HiSilicon family DVR

This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).

Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device

IP: 122.117.208.23
Port: 80
URL: http://122.117.208.23

First seen 2022-05-27 00:07
Last seen 2023-04-13 04:33
Open for 321 days
- Severity: high
  Fingerprint: 321975614123c6c05f83e99b1daaa3babaee656bbaee656bbaee656bbaee656b
```
Found HiSiliconDVR firmware:
Hardware: General AHB7008T-GS-V3
Vulnerable to multiple issues : LFI, possibly RCE
```
  Found on 2022-05-27 00:07
Create report

Open service 122.117.208.23:5000

2024-04-25 15:41

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 25 Apr 2024 15:41:32 GMT
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Security-Policy: base-uri 'self';  connect-src ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://www.synology.cn/ http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about:;  script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com;

Page title: DSM mobile - DS218

<!DOCTYPE HTML>
<html manifest="">
<head>
	<meta charset="UTF-8">
	<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
	<title>DSM mobile - DS218</title>
	<link href="/scripts/sencha-touch-2.4.1/resources/css/cupertino.css?v=25556" rel="stylesheet" type="text/css">
	<link href="mobile/ui/style.css?v=25556" rel="stylesheet" type="text/css">
	<link rel="shortcut icon" href="webman/favicon.ico?v=25556">
	<script type="text/javascript" src="webapi/entry.cgi?api=SYNO.Core.Desktop.SessionData&amp;version=1&amp;method=getjs_mobile&amp;SynoToken="></script>
	<script type="text/javascript" src="/scripts/sencha-touch-2.4.1/touch.js?v=25556"></script>
	<script src="webapi/entry.cgi?api=SYNO.Core.Desktop.JSUIString&amp;version=1&amp;method=getjs&amp;lang=enu&amp;v=25556"></script>
	<script src="webapi/entry.cgi?api=SYNO.Core.Desktop.UIString&amp;version=1&amp;method=getjs&amp;lang=enu&amp;v=25556"></script>
	<script src="webapi/entry.cgi?api=SYNO.Core.Desktop.Defs&amp;version=1&amp;method=getjs&amp;v=25556&amp;SynoToken="></script>
	<script type="text/javascript" src="mobile/ui/mobile.js?v=25556"></script>
	<script type="text/javascript" src="/synoSDSjslib/webapierrorcode.js?v=25556"></script>
	
</head>
<body class="syno-mobile-body">
	<div class="x-mask x-loading-mask syno-mask" id="syno-mobile-preinit-mask" style="width:100%; height: 100%;">
		<div class="syno-mask-ct" id="syno-mask-ct">
			<div class="syno-mask-inner" id="syno-mask-loading">
				<div class="syno-loading-icon"></div>
				<div class="syno-message x-mask-message syno-mask-message">Loading...</div>
			</div>
			<div id="syno-non-admin-redirect" style="visibility: hidden;">
				<div class="syno-upper-part"><span id="syno-non-admin-redirect-desc"></span></div>
				<div class="syno-lower-part"><a id="syno-non-admin-redirect-button" class="x-syno-button" href="/?forceDesktop=2"></a></div>
			</div>
		</div>
	</div>
</body>
</html>

Found 2024-04-25 by HttpPlugin

Create report

Open service 122.117.208.23:5005

2024-04-24 21:10

HTTP/1.1 404 Not Found
Date: Wed, 24 Apr 2024 21:10:47 GMT
Server: Apache
Content-Length: 198
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 404 Not Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL / was not found on this server.</p>
</body></html>

Found 2024-04-24 by HttpPlugin

Create report

Open service 122.117.208.23:5006

2024-04-24 08:16

HTTP/1.1 404 Not Found
Date: Wed, 24 Apr 2024 08:16:29 GMT
Server: Apache
Content-Length: 198
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 404 Not Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL / was not found on this server.</p>
</body></html>

Found 2024-04-24 by HttpPlugin

Create report

Open service 122.117.208.23:5000

2024-04-23 23:21

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 23 Apr 2024 23:21:48 GMT
Content-Type: text/html; charset="UTF-8"
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Cache-control: no-store
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Security-Policy: base-uri 'self';  connect-src ws: wss: *; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self' https://gofile.me http://gofile.me; frame-src 'self' data: blob: https://*.synology.com https://www.synology.cn/ http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com; media-src 'self' data: about:;  script-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://*.google.com https://*.googleapis.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com;

Page title: DSM mobile - DS218

<!DOCTYPE HTML>
<html manifest="">
<head>
	<meta charset="UTF-8">
	<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
	<title>DSM mobile - DS218</title>
	<link href="/scripts/sencha-touch-2.4.1/resources/css/cupertino.css?v=25556" rel="stylesheet" type="text/css">
	<link href="mobile/ui/style.css?v=25556" rel="stylesheet" type="text/css">
	<link rel="shortcut icon" href="webman/favicon.ico?v=25556">
	<script type="text/javascript" src="webapi/entry.cgi?api=SYNO.Core.Desktop.SessionData&amp;version=1&amp;method=getjs_mobile&amp;SynoToken="></script>
	<script type="text/javascript" src="/scripts/sencha-touch-2.4.1/touch.js?v=25556"></script>
	<script src="webapi/entry.cgi?api=SYNO.Core.Desktop.JSUIString&amp;version=1&amp;method=getjs&amp;lang=enu&amp;v=25556"></script>
	<script src="webapi/entry.cgi?api=SYNO.Core.Desktop.UIString&amp;version=1&amp;method=getjs&amp;lang=enu&amp;v=25556"></script>
	<script src="webapi/entry.cgi?api=SYNO.Core.Desktop.Defs&amp;version=1&amp;method=getjs&amp;v=25556&amp;SynoToken="></script>
	<script type="text/javascript" src="mobile/ui/mobile.js?v=25556"></script>
	<script type="text/javascript" src="/synoSDSjslib/webapierrorcode.js?v=25556"></script>
	
</head>
<body class="syno-mobile-body">
	<div class="x-mask x-loading-mask syno-mask" id="syno-mobile-preinit-mask" style="width:100%; height: 100%;">
		<div class="syno-mask-ct" id="syno-mask-ct">
			<div class="syno-mask-inner" id="syno-mask-loading">
				<div class="syno-loading-icon"></div>
				<div class="syno-message x-mask-message syno-mask-message">Loading...</div>
			</div>
			<div id="syno-non-admin-redirect" style="visibility: hidden;">
				<div class="syno-upper-part"><span id="syno-non-admin-redirect-desc"></span></div>
				<div class="syno-lower-part"><a id="syno-non-admin-redirect-button" class="x-syno-button" href="/?forceDesktop=2"></a></div>
			</div>
		</div>
	</div>
</body>
</html>

Found 2024-04-23 by HttpPlugin

Create report

Open service 122.117.208.23:5005

2024-04-22 22:48

HTTP/1.1 404 Not Found
Date: Mon, 22 Apr 2024 22:48:44 GMT
Server: Apache
Content-Length: 198
Connection: close
Content-Type: text/html; charset=iso-8859-1

Page title: 404 Not Found

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>404 Not Found</title>
</head><body>
<h1>Not Found</h1>
<p>The requested URL / was not found on this server.</p>
</body></html>

Found 2024-04-22 by HttpPlugin

Create report

Fingerprint:

fee22f98fdb949484d23b36cc80426f86e1e4bb4634ff74fb23328ad78991ed7

CN:

synology.com

Key:

RSA-2048

Issuer:

Synology Inc. CA

Not before:

2018-04-24 14:41

Not after:

2038-01-09 14:41

Domain summary

No record

Host 122.117.208.23

Taiwan

Software information

Vulnerable HiSilicon family DVR

Create report

Create report

Create report

Create report

Create report

Domain summary