uc-httpd 1.0.0
tcp/80 tcp/81
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b076db6a40ed134490ed134490ed134490ed13449
Found HiSiliconDVR firmware: Hardware: NOCRYPO AHD9808H_F Vulnerable to multiple issues : LFI, possibly RCE
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b076db6a40ed134490ed134490ed134490ed13449
Found HiSiliconDVR firmware: Hardware: NOCRYPO AHD9808H_F Vulnerable to multiple issues : LFI, possibly RCE
Open service 83.171.107.21:81
2024-03-08 03:58
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>
Open service 83.171.107.21:80
2024-03-08 03:58
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>
Open service 83.171.107.21:81
2024-03-07 16:17
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>
Open service 83.171.107.21:80
2024-03-07 16:16
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>
Open service 83.171.107.21:81
2024-03-06 18:33
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>
Open service 83.171.107.21:80
2024-03-06 18:28
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>
Open service 83.171.107.21:80
2024-03-03 11:53
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>
Open service 83.171.107.21:81
2024-03-03 03:17
HTTP/1.1 200 OK Content-type: application/octet-stream Server: uc-httpd/1.0.0 Cache-Control: max-age=864000 Connection: Close <H1>Index of /mnt/web</H1> <H1>Index of /mnt/web</H1>