LeakIX - Host 188.59.104.21

Host 188.59.104.21

Türkiye

Turkcell Iletisim Hizmetleri A.s.

Software information

lighttpd 1.4.35

tcp/443 tcp/80

Vulnerable HiSilicon family DVR

This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).

Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device

IP: 188.59.104.21
Port: 80
URL: http://188.59.104.21

First seen 2022-05-14 23:37
Last seen 2024-02-19 02:28
Open for 645 days
- Severity: high
  Fingerprint: 321975614123c6c05f83e99b9ef7d2d583a0925683a0925683a0925683a09256
```
Found HiSiliconDVR firmware:
Hardware: General TVI9708H_H
Vulnerable to multiple issues : LFI, possibly RCE
```
  Found on 2024-02-19 02:28
Create report

Open service 188.59.104.21:443

2024-09-11 18:26

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "3691712708"
Last-Modified: Fri, 29 Dec 2023 11:45:31 GMT
Content-Length: 73
Connection: close
Date: Thu, 04 Jan 2024 16:46:44 GMT
Server: lighttpd/1.4.35


<html>
<script>
location.href = "/gui/login.cgi";
</script>
</html>

Found 2024-09-11 by HttpPlugin

Create report

Open service 188.59.104.21:80

2024-09-09 22:50

HTTP/1.1 200 OK
Content-Type: text/html
Accept-Ranges: bytes
ETag: "3691712708"
Last-Modified: Fri, 29 Dec 2023 11:45:31 GMT
Content-Length: 73
Connection: close
Date: Tue, 02 Jan 2024 21:10:53 GMT
Server: lighttpd/1.4.35


<html>
<script>
location.href = "/gui/login.cgi";
</script>
</html>

Found 2024-09-09 by HttpPlugin

Create report

Fingerprint:

d07d1f33c23176c83b5979be10e4da05bfbab6dc320edc9b830731dda74230e2

CN:

route

Key:

RSA-2048

Issuer:

route

Not before:

2019-03-18 11:21

Not after:

2039-03-13 11:21

Domain summary

No record

Host 188.59.104.21

Türkiye

Software information

Vulnerable HiSilicon family DVR

Create report

Create report

Domain summary