LeakIX - Host 2.237.115.174

Host 2.237.115.174

Italy

Fastweb

Software information

uc-httpd 1.0.0

tcp/81

Vulnerable HiSilicon family DVR

This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).

Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device

IP: 2.237.115.174
Port: 81
URL: http://2.237.115.174:81

First seen 2022-05-29 22:50
Last seen 2023-01-31 01:29
Open for 246 days
- Severity: high
  Fingerprint: 321975614123c6c05f83e99b92d3bae969cab2ea69cab2ea69cab2ea69cab2ea
```
Found HiSiliconDVR firmware:
Hardware: General MBD9304D-F
Vulnerable to multiple issues : LFI, possibly RCE
```
  Found on 2022-05-29 22:50
Create report

Open service 2.237.115.174:81

2022-12-22 01:02

Content-type: text/html
Server: uc-httpd/1.0.0
Cache-Control: max-age=2592000
Connection: Close

Page title: Web Client

Found 2022-12-22 by HttpPlugin

Create report

Open service 2.237.115.174:81

2023-01-31 01:29

HTTP/1.1 200 OK
Content-type: text/html
Server: uc-httpd/1.0.0
Cache-Control: max-age=2592000
Connection: Close

Page title: Web Client

Found 2023-01-31 by HttpPlugin

Create report

Open service 2.237.115.174:81

2022-12-06 15:23

Content-type: text/html
Server: uc-httpd/1.0.0
Cache-Control: max-age=2592000
Connection: Close

Page title: Web Client

Found 2022-12-06 by HttpPlugin

Create report

Domain summary

No record

(C) 2022 LeakIX
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice