Host 59.126.200.58
Taiwan
Software information
nginx 1.20.1
tcp/80
-
Vulnerable HiSilicon family DVR
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
First seen 2022-05-14 23:41
Last seen 2024-10-07 20:17
Open for 876 days-
Severity: high
Fingerprint: 321975614123c6c05f83e99b74b6d9e701d3b64c01d3b64c01d3b64c01d3b64cFound HiSiliconDVR firmware: Hardware: General AHB7004T-MHV2 Vulnerable to multiple issues : LFI, possibly RCE
Found on 2024-10-07 20:17
-
-
Open service 59.126.200.58:80
2024-10-31 22:44
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Thu, 31 Oct 2024 22:44:30 GMT Content-Type: text/html Content-Length: 2337 Last-Modified: Sat, 19 Oct 2024 13:07:24 GMT Connection: close ETag: "6713af0c-921" Accept-Ranges: bytes Page title: DVR <!doctype html> <html> <head> <link rel="icon" href="data:,"> <title>DVR</title> <meta http-equiv="MSThemeCompatible" content="yes" /> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> </head> <body onload="gen_browser_link()"> <div style="text-align: center; font-size: 16pt"> <table align="center"> <tr> <td><a id="weblink" href="">Browser</a></td> </tr> <tr> <td><a id="weblink_upnp" href="">Browser(UPnP)</a></td> </tr> <tr> <td><a href="ie.html">iWatch DVR for Internet Explorer 7/8/9/10/11</a></td> </tr> <tr> <td><a href="iWatchDVR.exe?1.2.0.56.exe">iWatch DVR for Windows XP/Vista/7/8</a></td> </tr> <tr> <td><a href="SoCatch.tar.gz?0.0.0.0.app">SoCatch for Mac OS X 10.6 or above</a></td> </tr> <tr> <td><a href="m.html">JPEG viewer</a></td> </tr> </table> <table align="center"> <tr> <td> <a href="https://play.google.com/store/apps/details?id=remote.iWatchDVR.SoCatch&hl=zh_TW" target="_blank"> <img style="border-width: 0px" src="android.png" width="250" height="125" /> </a> </td> <td> <a href="http://itunes.apple.com/tw/app/iwatch-dvr-ii/id507685617" target="_blank"> <img style="border-width: 0px" src="iphone.png" width="250" height="125" /> </a> </td> </tr> </table> <script> function gen_browser_link() { document.getElementById("weblink").href = "https://" + window.location.hostname + ":" + 443 + "/login.html"; let upnp_ip = ""; let b = document.getElementById("weblink_upnp"); if (upnp_ip.length == 0) { b.style.display = "none"; } else { b.href = "https://" + upnp_ip + ":" + 49513 + "/login.html"; } } </script> </div> </body> </html>Found 5 hours ago by HttpPluginCreate report
-
Open service 59.126.200.58:80
2024-10-29 23:10
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Tue, 29 Oct 2024 23:10:52 GMT Content-Type: text/html Content-Length: 2337 Last-Modified: Sat, 19 Oct 2024 13:07:24 GMT Connection: close ETag: "6713af0c-921" Accept-Ranges: bytes Page title: DVR <!doctype html> <html> <head> <link rel="icon" href="data:,"> <title>DVR</title> <meta http-equiv="MSThemeCompatible" content="yes" /> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> </head> <body onload="gen_browser_link()"> <div style="text-align: center; font-size: 16pt"> <table align="center"> <tr> <td><a id="weblink" href="">Browser</a></td> </tr> <tr> <td><a id="weblink_upnp" href="">Browser(UPnP)</a></td> </tr> <tr> <td><a href="ie.html">iWatch DVR for Internet Explorer 7/8/9/10/11</a></td> </tr> <tr> <td><a href="iWatchDVR.exe?1.2.0.56.exe">iWatch DVR for Windows XP/Vista/7/8</a></td> </tr> <tr> <td><a href="SoCatch.tar.gz?0.0.0.0.app">SoCatch for Mac OS X 10.6 or above</a></td> </tr> <tr> <td><a href="m.html">JPEG viewer</a></td> </tr> </table> <table align="center"> <tr> <td> <a href="https://play.google.com/store/apps/details?id=remote.iWatchDVR.SoCatch&hl=zh_TW" target="_blank"> <img style="border-width: 0px" src="android.png" width="250" height="125" /> </a> </td> <td> <a href="http://itunes.apple.com/tw/app/iwatch-dvr-ii/id507685617" target="_blank"> <img style="border-width: 0px" src="iphone.png" width="250" height="125" /> </a> </td> </tr> </table> <script> function gen_browser_link() { document.getElementById("weblink").href = "https://" + window.location.hostname + ":" + 443 + "/login.html"; let upnp_ip = ""; let b = document.getElementById("weblink_upnp"); if (upnp_ip.length == 0) { b.style.display = "none"; } else { b.href = "https://" + upnp_ip + ":" + 49513 + "/login.html"; } } </script> </div> </body> </html>Found 2 days ago by HttpPluginCreate report
-
Open service 59.126.200.58:80
2024-10-29 02:37
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Tue, 29 Oct 2024 02:37:56 GMT Content-Type: text/html Content-Length: 2337 Last-Modified: Sat, 19 Oct 2024 13:07:24 GMT Connection: close ETag: "6713af0c-921" Accept-Ranges: bytes Page title: DVR <!doctype html> <html> <head> <link rel="icon" href="data:,"> <title>DVR</title> <meta http-equiv="MSThemeCompatible" content="yes" /> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> </head> <body onload="gen_browser_link()"> <div style="text-align: center; font-size: 16pt"> <table align="center"> <tr> <td><a id="weblink" href="">Browser</a></td> </tr> <tr> <td><a id="weblink_upnp" href="">Browser(UPnP)</a></td> </tr> <tr> <td><a href="ie.html">iWatch DVR for Internet Explorer 7/8/9/10/11</a></td> </tr> <tr> <td><a href="iWatchDVR.exe?1.2.0.56.exe">iWatch DVR for Windows XP/Vista/7/8</a></td> </tr> <tr> <td><a href="SoCatch.tar.gz?0.0.0.0.app">SoCatch for Mac OS X 10.6 or above</a></td> </tr> <tr> <td><a href="m.html">JPEG viewer</a></td> </tr> </table> <table align="center"> <tr> <td> <a href="https://play.google.com/store/apps/details?id=remote.iWatchDVR.SoCatch&hl=zh_TW" target="_blank"> <img style="border-width: 0px" src="android.png" width="250" height="125" /> </a> </td> <td> <a href="http://itunes.apple.com/tw/app/iwatch-dvr-ii/id507685617" target="_blank"> <img style="border-width: 0px" src="iphone.png" width="250" height="125" /> </a> </td> </tr> </table> <script> function gen_browser_link() { document.getElementById("weblink").href = "https://" + window.location.hostname + ":" + 443 + "/login.html"; let upnp_ip = ""; let b = document.getElementById("weblink_upnp"); if (upnp_ip.length == 0) { b.style.display = "none"; } else { b.href = "https://" + upnp_ip + ":" + 49513 + "/login.html"; } } </script> </div> </body> </html>Found 2024-10-29 by HttpPluginCreate report
-
Open service 59.126.200.58:80
2024-10-21 22:31
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Mon, 21 Oct 2024 22:31:44 GMT Content-Type: text/html Content-Length: 2337 Last-Modified: Sat, 19 Oct 2024 13:07:24 GMT Connection: close ETag: "6713af0c-921" Accept-Ranges: bytes Page title: DVR <!doctype html> <html> <head> <link rel="icon" href="data:,"> <title>DVR</title> <meta http-equiv="MSThemeCompatible" content="yes" /> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> </head> <body onload="gen_browser_link()"> <div style="text-align: center; font-size: 16pt"> <table align="center"> <tr> <td><a id="weblink" href="">Browser</a></td> </tr> <tr> <td><a id="weblink_upnp" href="">Browser(UPnP)</a></td> </tr> <tr> <td><a href="ie.html">iWatch DVR for Internet Explorer 7/8/9/10/11</a></td> </tr> <tr> <td><a href="iWatchDVR.exe?1.2.0.56.exe">iWatch DVR for Windows XP/Vista/7/8</a></td> </tr> <tr> <td><a href="SoCatch.tar.gz?0.0.0.0.app">SoCatch for Mac OS X 10.6 or above</a></td> </tr> <tr> <td><a href="m.html">JPEG viewer</a></td> </tr> </table> <table align="center"> <tr> <td> <a href="https://play.google.com/store/apps/details?id=remote.iWatchDVR.SoCatch&hl=zh_TW" target="_blank"> <img style="border-width: 0px" src="android.png" width="250" height="125" /> </a> </td> <td> <a href="http://itunes.apple.com/tw/app/iwatch-dvr-ii/id507685617" target="_blank"> <img style="border-width: 0px" src="iphone.png" width="250" height="125" /> </a> </td> </tr> </table> <script> function gen_browser_link() { document.getElementById("weblink").href = "https://" + window.location.hostname + ":" + 443 + "/login.html"; let upnp_ip = ""; let b = document.getElementById("weblink_upnp"); if (upnp_ip.length == 0) { b.style.display = "none"; } else { b.href = "https://" + upnp_ip + ":" + 49513 + "/login.html"; } } </script> </div> </body> </html>Found 2024-10-21 by HttpPluginCreate report
-
Open service 59.126.200.58:80
2024-10-19 22:42
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Sat, 19 Oct 2024 22:42:32 GMT Content-Type: text/html Content-Length: 2337 Last-Modified: Sat, 19 Oct 2024 13:07:24 GMT Connection: close ETag: "6713af0c-921" Accept-Ranges: bytes Page title: DVR <!doctype html> <html> <head> <link rel="icon" href="data:,"> <title>DVR</title> <meta http-equiv="MSThemeCompatible" content="yes" /> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> </head> <body onload="gen_browser_link()"> <div style="text-align: center; font-size: 16pt"> <table align="center"> <tr> <td><a id="weblink" href="">Browser</a></td> </tr> <tr> <td><a id="weblink_upnp" href="">Browser(UPnP)</a></td> </tr> <tr> <td><a href="ie.html">iWatch DVR for Internet Explorer 7/8/9/10/11</a></td> </tr> <tr> <td><a href="iWatchDVR.exe?1.2.0.56.exe">iWatch DVR for Windows XP/Vista/7/8</a></td> </tr> <tr> <td><a href="SoCatch.tar.gz?0.0.0.0.app">SoCatch for Mac OS X 10.6 or above</a></td> </tr> <tr> <td><a href="m.html">JPEG viewer</a></td> </tr> </table> <table align="center"> <tr> <td> <a href="https://play.google.com/store/apps/details?id=remote.iWatchDVR.SoCatch&hl=zh_TW" target="_blank"> <img style="border-width: 0px" src="android.png" width="250" height="125" /> </a> </td> <td> <a href="http://itunes.apple.com/tw/app/iwatch-dvr-ii/id507685617" target="_blank"> <img style="border-width: 0px" src="iphone.png" width="250" height="125" /> </a> </td> </tr> </table> <script> function gen_browser_link() { document.getElementById("weblink").href = "https://" + window.location.hostname + ":" + 443 + "/login.html"; let upnp_ip = ""; let b = document.getElementById("weblink_upnp"); if (upnp_ip.length == 0) { b.style.display = "none"; } else { b.href = "https://" + upnp_ip + ":" + 49513 + "/login.html"; } } </script> </div> </body> </html>Found 2024-10-19 by HttpPluginCreate report
-
Open service 59.126.200.58:80
2024-10-17 22:53
HTTP/1.1 200 OK Server: nginx/1.20.1 Date: Thu, 17 Oct 2024 22:53:44 GMT Content-Type: text/html Content-Length: 2337 Last-Modified: Thu, 17 Oct 2024 12:56:16 GMT Connection: close ETag: "67110970-921" Accept-Ranges: bytes Page title: DVR <!doctype html> <html> <head> <link rel="icon" href="data:,"> <title>DVR</title> <meta http-equiv="MSThemeCompatible" content="yes" /> <meta http-equiv="content-type" content="text/html; charset=UTF-8" /> </head> <body onload="gen_browser_link()"> <div style="text-align: center; font-size: 16pt"> <table align="center"> <tr> <td><a id="weblink" href="">Browser</a></td> </tr> <tr> <td><a id="weblink_upnp" href="">Browser(UPnP)</a></td> </tr> <tr> <td><a href="ie.html">iWatch DVR for Internet Explorer 7/8/9/10/11</a></td> </tr> <tr> <td><a href="iWatchDVR.exe?1.2.0.56.exe">iWatch DVR for Windows XP/Vista/7/8</a></td> </tr> <tr> <td><a href="SoCatch.tar.gz?0.0.0.0.app">SoCatch for Mac OS X 10.6 or above</a></td> </tr> <tr> <td><a href="m.html">JPEG viewer</a></td> </tr> </table> <table align="center"> <tr> <td> <a href="https://play.google.com/store/apps/details?id=remote.iWatchDVR.SoCatch&hl=zh_TW" target="_blank"> <img style="border-width: 0px" src="android.png" width="250" height="125" /> </a> </td> <td> <a href="http://itunes.apple.com/tw/app/iwatch-dvr-ii/id507685617" target="_blank"> <img style="border-width: 0px" src="iphone.png" width="250" height="125" /> </a> </td> </tr> </table> <script> function gen_browser_link() { document.getElementById("weblink").href = "https://" + window.location.hostname + ":" + 443 + "/login.html"; let upnp_ip = ""; let b = document.getElementById("weblink_upnp"); if (upnp_ip.length == 0) { b.style.display = "none"; } else { b.href = "https://" + upnp_ip + ":" + 49513 + "/login.html"; } } </script> </div> </body> </html>Found 2024-10-17 by HttpPluginCreate report
-
Open service 59.126.200.58:80
2024-10-01 20:11
HTTP/1.0 200 OK Content-type: text/html Server: uc-httpd 1.0.0 Expires: 0 Page title: NETSurveillance WEB <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <link rel="stylesheet" type="text/css" media="screen" href="m.css" /> <title>NETSurveillance WEB</title> <!-- m.js --> <script type="text/javascript" language="JavaScript"> var ShowTipFlag=2; if(navigator.userAgent.indexOf('IE') < 0) { var userAgent = navigator.userAgent, rMsie = /(msie\s|trident.*rv:)([\w.]+)/, rFirefox = /(firefox)\/([\w.]+)/, rOpera = /(opera).+version\/([\w.]+)/, rChrome = /(chrome)\/([\w.]+)/, rSafari = /version\/([\w.]+).*(safari)/; var browserMatch = uaMatch(userAgent.toLowerCase()); if(browserMatch.browser!="IE") { location="Login.htm"; } } function reminder() { var nSel=$('langlist').selectedIndex; var cLanguage; switch(nSel) { case 0: cLanguage="English"; break; case 1: cLanguage="French"; break; case 2: cLanguage="Hungarian"; break; case 3: cLanguage="Italian"; break; case 4: cLanguage="Japanese"; break; case 5: cLanguage="Portugal"; break; case 6: cLanguage="Russian"; break; case 7: cLanguage="SimpChinese"; break; case 8: cLanguage="Spanish"; break; case 9: cLanguage="TradChinese"; break; case 10: cLanguage="German"; break; case 11: cLanguage="Poland"; break; case 12: cLanguage="Turkey"; break; case 13: cLanguage="Romanian"; break; case 14: cLanguage="Suomi"; break; case 15: cLanguage="Korean"; break; case 16: cLanguage="Farsi"; break; case 17: cLanguage="Thai"; break; case 18: cLanguage="Greek"; break; case 19: cLanguage="Vietnamese"; break; case 20: cLanguage="Brazilian"; break; case 21: cLanguage="Hebrew"; break; case 22: cLanguage="Arabic"; break; case 23: cLanguage="Bulgarian"; break; case 24: cLanguage="Czech"; break; default: cLanguage="English"; break; } if(2==ShowTipFlag) { switch(nSel) { case 0: cLanguage="English"; alert("Please set the encrypted problem!"); break; case 7: cLanguage="SimpChinese"; alert("请先设置密保问题!"); break; default: cLanguage="English"; alert("Please set the encrypted problem!"); break; } } else { location="reminder.html?cLanguage="+cLanguage; } } function uaMatch(ua) { var match = rMsie.exec(ua); if (match != null) { return { browser : "IE", version : match[2] || "0" }; } var match = rFirefox.exec(ua); if (match != null) { return { browser : match[1] || "", version : match[2] || "0" }; } var match = rOpera.exec(ua); if (match != null) {Found 2024-10-01 by HttpPluginCreate report