nginx 1.18.0
tcp/80
The Kafka instance is available to the public without authentication.
An attacker could connect to the queue to extract private/confidential information in real-time.
Fingerprint: 43224224eeda9da960defeaac8049b65255d034911e43dd911e43dd911e43dd9
NoAuth Found topic dss_nginx_logs_test Found topic dss_nginx_logs_dev Found topic __consumer_offsets
Fingerprint: 43224224eeda9da960defeaa0efe442ae38defe5e29e63c9e29e63c9e29e63c9
NoAuth Found topic __consumer_offsets Found topic dss_nginx_logs_test Found topic dss_nginx_logs_dev
Fingerprint: 43224224eeda9da960defeaa772df75e8b180cdee63a3a11e63a3a11e63a3a11
NoAuth Found topic dss_nginx_logs_dev Found topic __consumer_offsets Found topic dss_nginx_logs_test
The Redis instance is open to the public.
This could result to data leak and code execution.
Severity: medium
Fingerprint: d606b92f1b5fdf18b169eb24b169eb24b169eb24b169eb24b169eb24b169eb24
Redis is open with 245 keys in dbs
Open service 43.129.9.111:80
2024-05-27 11:33
HTTP/1.1 403 Forbidden Server: nginx/1.18.0 (Ubuntu) Date: Mon, 27 May 2024 11:33:28 GMT Content-Type: text/html Content-Length: 564 Connection: close Vary: Accept-Encoding Page title: 403 Forbidden <html> <head><title>403 Forbidden</title></head> <body> <center><h1>403 Forbidden</h1></center> <hr><center>nginx/1.18.0 (Ubuntu)</center> </body> </html> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page --> <!-- a padding to disable MSIE and Chrome friendly error page -->