LeakIX - Host 210.196.72.53

Host 210.196.72.53

Japan

KDDI CORPORATION

Exposed GoAnywhere MFT administration interface

Exposed GoAnywhere MFT are subject to an unfixed 0day RCE and should be considered unsafe when made public.

IP: 210.196.72.53
Port: 8000
URL: http://210.196.72.53:8000

First seen 2022-11-24 12:21
Last seen 2023-03-29 12:01
Open for 124 days
- Severity: critical
  Fingerprint: b1a07937af044f4619de6baab5894bf3b5894bf3b5894bf3b5894bf3b5894bf3
```
Found vulnerable GoAnywhere MFT:
Affected by CVE-2023-0669
```
  Found on 2023-03-29 12:01
- Fingerprint: b1a07937b9045eb34a1c93d791d00aa2990480792baea154886cd37ac3cdb19c
```
HTTP/1.1 302 
Set-Cookie: RSESSIONID=AB287106C60053B98AF0D696D1043358; Path=/; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Fri, 03 Feb 2023 04:10:39 GMT
Connection: close
```
  Found on 2023-02-03 04:10
- Fingerprint: b1a07937a2043ad7115b84c006ab979f7657ecf2ead62140fcf3e45afcf3e45a
```
Set-Cookie: RSESSIONID=D35C380902DA6F1E28EACF967E778FD3; Path=/; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Thu, 24 Nov 2022 12:21:50 GMT
Connection: close
```
  Found on 2022-11-24 12:21
Create report
Exposed GoAnywhere MFT administration interface

Exposed GoAnywhere MFT are subject to an unfixed 0day RCE and should be considered unsafe when made public.

IP: 210.196.72.53
Port: 8001
URL: https://210.196.72.53:8001

First seen 2023-01-04 12:33
- Fingerprint: b1a07937a2043ad71403a21ef5013dad436d30e8eb6552968143262081432620
```
Set-Cookie: RSESSIONID=3C7D367BD97AD836FF9997E259A3B0DE; Path=/; Secure; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Wed, 04 Jan 2023 12:34:01 GMT
Connection: close
```
  Found on 2023-01-04 12:33
Create report

Domain summary

No record

Host 210.196.72.53

Japan

Exposed GoAnywhere MFT administration interface

Exposed GoAnywhere MFT administration interface

Domain summary