nginx 1.14.0
tcp/443 tcp/80
An attacker can make use of this vulnerability to step out of the root directory and access other parts of the file system.
This might give the attacker the ability to view restricted files, which could provide the attacker with more information required to further compromise the system.
https://www.acunetix.com/websitesecurity/directory-traversal/
Severity: critical
Fingerprint: ac4d53c4832b2491c591c07dcc7199b7b78d70e3b78d70e391099de59889ad02
Found host file trough Directory traversal: 127.0.0.1 localhost 127.0.1.1 dei-sa1 # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 10.216.77.79 bocuhvvm-1306 10.216.77.68 bocuhvvm-1305 10.216.77.74 bocuhvvm-1437 10.117.8.195 dei-sa1
Severity: critical
Fingerprint: ac4d53c4832b2491752255c435b0f8ec263e7bf6263e7bf60ce1e3c412ccd0d1
Found host file trough Apache traversal: 127.0.0.1 localhost 127.0.1.1 dei-sa1 # the following lines are desirable for ipv6 capable hosts ::1 ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters 10.216.77.79 bocuhvvm-1306 10.216.77.68 bocuhvvm-1305 10.216.77.74 bocuhvvm-1437 10.117.8.195 dei-sa1
Open service 186.154.239.45:80
2024-04-24 18:34
HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Wed, 24 Apr 2024 18:34:28 GMT Content-Type: text/html Content-Length: 194 Connection: close Location: https://186.154.239.45/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body bgcolor="white"> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.14.0 (Ubuntu)</center> </body> </html>
Open service 186.154.239.45:443 · cpitb.movilidadbogota.gov.co
2024-04-19 17:00
HTTP/1.1 404 Not Found Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 Apr 2024 17:00:40 GMT Content-Type: text/html; charset=UTF-8 Content-Length: 0 Connection: close X-Request-Id: 47839e6e-00ce-4e8f-a471-f2a063d7762b X-Runtime: 0.001647 Vary: Origin
Open service 186.154.239.45:80 · cpitb.movilidadbogota.gov.co
2024-04-19 17:00
HTTP/1.1 301 Moved Permanently Server: nginx/1.14.0 (Ubuntu) Date: Fri, 19 Apr 2024 17:00:36 GMT Content-Type: text/html Content-Length: 194 Connection: close Location: https://cpitb.movilidadbogota.gov.co/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body bgcolor="white"> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.14.0 (Ubuntu)</center> </body> </html>