LeakIX - Host 149.210.76.70

Host 149.210.76.70

Greece

Cosmote Mobile Telecommunications S.A.

Vulnerable HiSilicon family DVR

This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).

Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device

IP: 149.210.76.70
Port: 8082
URL: http://149.210.76.70:8082

First seen 2024-07-17 01:21
- Severity: high
  Fingerprint: 321975614123c6c05f83e99b4ecaa5e1398b5c42398b5c42398b5c42398b5c42
```
Found HiSiliconDVR firmware:
Hardware: JvFeng_OverSea AHB7004T-MHV2
Vulnerable to multiple issues : LFI, possibly RCE
```
  Found on 2024-07-17 01:21
Create report
Detected HTTP traversal vulnerability

An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.

This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.

https://www.acunetix.com/websitesecurity/directory-traversal/

IP: 149.210.76.70
Port: 443
URL: https://149.210.76.70/cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts

First seen 2022-04-10 22:38
- Severity: critical
  Fingerprint: ac4d53c4832b2491c591c07df231d2bcf231d2bc8117f206b4436c27ccc1d846
```
Found host file trough Directory traversal:
127.0.0.1	localhost

# the following lines are desirable for ipv6 capable hosts
::1     ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
127.0.1.1	gwg
```
  Found on 2022-04-10 22:38
Create report

Domain summary

No record

Host 149.210.76.70

Greece

Vulnerable HiSilicon family DVR

Detected HTTP traversal vulnerability

Domain summary