nginx
tcp/80
Elasticsearch and/or Kibana is currently open without authentication.
This results in all the database data made available publicly.
Severity: medium
Fingerprint: 831cb76b8e05df46b6fc31d6ecae9a660a805470dd153baf6fc4fdfccc97511c
Indices: 8, document count: 17, size: 269.4 kB Through Kibana endpoint Found index casa with 0 documents (283 B) Found index .kibana_1 with 9 documents (207.3 kB) Found index test with 1 documents (3.7 kB) Found index cgi-bin with 1 documents (6.1 kB) Found index service with 1 documents (19.7 kB) Found index minio with 2 documents (5.9 kB) Found index api with 1 documents (4.5 kB) Found index .kibana_task_manager with 2 documents (22.0 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46b6fc31d6ecae9a660a805470fc07592299156dfdae70b905
Indices: 8, document count: 17, size: 269.4 kB Through Kibana endpoint Found index casa with 0 documents (283 B) Found index .kibana_1 with 9 documents (207.2 kB) Found index test with 1 documents (3.7 kB) Found index cgi-bin with 1 documents (6.1 kB) Found index service with 1 documents (19.7 kB) Found index minio with 2 documents (5.9 kB) Found index api with 1 documents (4.5 kB) Found index .kibana_task_manager with 2 documents (22.0 kB)
Severity: medium
Fingerprint: 831cb76b8e05df46351544fc39289fbcd0f00ac64609ee264609ee264609ee26
Indices: 2, document count: 11, size: 229.2 kB Through Kibana endpoint Found index .kibana_1 with 9 documents (207.2 kB) Found index .kibana_task_manager with 2 documents (22.0 kB)
A JSON configuration file has been found at config.json
.
It may contains application configuration such as credentials.
False positive might happen when hitting a JSON API endpoint.
Fingerprint: b18befd9dd65368284d7ebff84d7ebff84d7ebff84d7ebff84d7ebff84d7ebff
{"ResultCode":-1000,"ResultMessage":"参数错误[ClientType不能为空]","SynDate":"2023-08-24 05:27:25","Value":null}
Fingerprint: b18befd9dd653682ede03ee2ede03ee2ede03ee2ede03ee2ede03ee2ede03ee2
{"ResultCode":-1000,"ResultMessage":"参数错误[ClientType不能为空]","SynDate":"2023-08-21 08:13:09","Value":null}
Fingerprint: b18befd9dd65368232f1989d32f1989d32f1989d32f1989d32f1989d32f1989d
{"ResultCode":-1000,"ResultMessage":"参数错误[ClientType不能为空]","SynDate":"2023-08-20 03:40:48","Value":null}
Fingerprint: b18befd9dd6536824ede6d164ede6d164ede6d164ede6d164ede6d164ede6d16
{"ResultCode":-1000,"ResultMessage":"参数错误[ClientType不能为空]","SynDate":"2023-07-19 03:53:51","Value":null}
Fingerprint: b18befd9dd65368245101b5645101b5645101b5645101b5645101b5645101b56
{"ResultCode":-1000,"ResultMessage":"参数错误[ClientType不能为空]","SynDate":"2023-06-28 00:53:40","Value":null}
Fingerprint: b18befd9dd653682eb1b64c8eb1b64c8eb1b64c8eb1b64c8eb1b64c8eb1b64c8
{"ResultCode":-1000,"ResultMessage":"参数错误[ClientType不能为空]","SynDate":"2023-06-10 13:20:25","Value":null}
Fingerprint: b18befd9dd653682678b3dce678b3dce678b3dce678b3dce678b3dce678b3dce
{"ResultCode":-1000,"ResultMessage":"参数错误[ClientType不能为空]","SynDate":"2023-05-26 08:02:43","Value":null}
Open service 124.160.114.154:80
2024-05-23 01:28
HTTP/1.1 200 OK Server: nginx Date: Thu, 23 May 2024 01:28:28 GMT Content-Type: text/html Content-Length: 138 Last-Modified: Mon, 28 Aug 2023 03:04:39 GMT Connection: close ETag: "64ec0ec7-8a" Strict-Transport-Security: max-age=31536000 Accept-Ranges: bytes Page title: 404 Not Found <html> <head><title>404 Not Found</title></head> <body> <center><h1>404 Not Found</h1></center> <hr><center>nginx</center> </body> </html>