LeakIX - Host 54.164.158.239

Host 54.164.158.239

United States

AMAZON-AES

Exposed GoAnywhere MFT administration interface

Exposed GoAnywhere MFT are subject to an unfixed 0day RCE and should be considered unsafe when made public.

IP: 54.164.158.239
Port: 8001
URL: https://54.164.158.239:8001

First seen 2022-11-28 13:00
Last seen 2024-01-17 12:50
Open for 414 days

Severity: critical
Fingerprint: b1a07937af044f4619de6baab5894bf3b5894bf3b5894bf3b5894bf3b5894bf3
```
Found vulnerable GoAnywhere MFT:
Affected by CVE-2023-0669
```
Found on 2024-01-17 12:50

Fingerprint: b1a07937b9045eb39aa85ab5375b7811544656e07db4607f4f04451222ee46ba

HTTP/1.1 302 Found
Server: Apache-Coyote/1.1
Set-Cookie: RSESSIONID=5C2D2DD3AF576B2E149966959F90469B; Path=/; Secure; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Thu, 02 Feb 2023 23:54:01 GMT
Connection: close

Found on 2023-02-02 23:53

Fingerprint: b1a07937a2043ad77ce9e52bf7f361856ce60ed8d3e4bf47055250ef0645abc3

Server: Apache-Coyote/1.1
Set-Cookie: RSESSIONID=33903935C68DE94846A9A3777D9E3B7C; Path=/; Secure; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Tue, 20 Dec 2022 14:51:30 GMT
Connection: close

Found on 2022-12-20 14:51

Fingerprint: b1a07937a2043ad77ce9e52b79e7770befb92ffeaeee39458f5facad8fb2d4c9

Server: Apache-Coyote/1.1
Set-Cookie: RSESSIONID=8F9D42BA2D56B395A39803E178F85E56; Path=/; Secure; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Mon, 28 Nov 2022 13:00:34 GMT
Connection: close

Found on 2022-11-28 13:00

Create report

Domain summary

No record