Microsoft-IIS 10.0
tcp/2222
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b2711ab76525057b7525057b7525057b7525057b7
Found HiSiliconDVR firmware: Hardware: General HI3516EV100_50H20L_S38 Vulnerable to multiple issues : LFI, possibly RCE
Open service 183.80.126.254:2222
2024-09-12 01:49
HTTP/1.1 500 Internal Server Error Content-Type: text/html Server: Microsoft-IIS/10.0 Date: Thu, 12 Sep 2024 01:49:21 GMT Connection: close Content-Length: 1208 Page title: 500 - Internal server error. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/> <title>500 - Internal server error.</title> <style type="text/css"> <!-- body{margin:0;font-size:.7em;font-family:Verdana, Arial, Helvetica, sans-serif;background:#EEEEEE;} fieldset{padding:0 15px 10px 15px;} h1{font-size:2.4em;margin:0;color:#FFF;} h2{font-size:1.7em;margin:0;color:#CC0000;} h3{font-size:1.2em;margin:10px 0 0 0;color:#000000;} #header{width:96%;margin:0 0 0 0;padding:6px 2% 6px 2%;font-family:"trebuchet MS", Verdana, sans-serif;color:#FFF; background-color:#555555;} #content{margin:0 0 0 2%;position:relative;} .content-container{background:#FFF;width:96%;margin-top:8px;padding:10px;position:relative;} --> </style> </head> <body> <div id="header"><h1>Server Error</h1></div> <div id="content"> <div class="content-container"><fieldset> <h2>500 - Internal server error.</h2> <h3>There is a problem with the resource you are looking for, and it cannot be displayed.</h3> </fieldset></div> </div> </body> </html>