nginx 1.18.0
tcp/80
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities leads to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device.
Severity: high
Fingerprint: 321975614123c6c05f83e99b8647ec6670485027704850277048502770485027
Found HiSiliconDVR firmware: Hardware: General TVI3208_H Vulnerable to multiple issues : LFI, possibly RCE
Open service 87.117.11.104:80
2024-09-09 19:24
HTTP/1.1 200 OK Server: nginx/1.18.0 Date: Mon, 09 Sep 2024 19:24:54 GMT Content-Type: text/html Content-Length: 612 Last-Modified: Sun, 08 Sep 2024 08:15:48 GMT Connection: close ETag: "66dd5d34-264" Accept-Ranges: bytes Page title: Welcome to nginx! <!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
Open service 87.117.11.104:80 · trs.kv9.ru
2024-09-08 08:35
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 Date: Sun, 08 Sep 2024 08:35:42 GMT Content-Type: text/html Content-Length: 169 Connection: close Location: https://trs.kv9.ru/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0</center> </body> </html>
Open service 87.117.11.104:80 · kv9.ru
2024-09-08 08:20
HTTP/1.1 301 Moved Permanently Server: nginx/1.18.0 Date: Sun, 08 Sep 2024 08:20:18 GMT Content-Type: text/html Content-Length: 169 Connection: close Location: https://kv9.ru/ Page title: 301 Moved Permanently <html> <head><title>301 Moved Permanently</title></head> <body> <center><h1>301 Moved Permanently</h1></center> <hr><center>nginx/1.18.0</center> </body> </html>