nginx
tcp/443 tcp/5000 tcp/80
Malicious users exploiting this vulnerability may be able to read and/or write information to shared directories.
This may also include IPC services and lead to remote code execution.
Severity: high
Fingerprint: 22420ce026fa767de22ea8c34a86589d1ad94b5f0ba5ea3ee85af36308a1c37d
Found open SMB shares with NT AUTHORITY/ANONYMOUS LOGON chat homes MailPlus music IPC$
Open service 90.73.215.217:445
2024-09-15 23:48
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:445
2024-09-13 23:21
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:80
2024-09-11 23:23
HTTP/1.1 200 OK Server: nginx Date: Wed, 11 Sep 2024 23:23:24 GMT Content-Type: text/html Content-Length: 543 Last-Modified: Tue, 30 Jul 2024 05:16:20 GMT Connection: close Accept-Ranges: bytes <!DOCTYPE html> <html> <body> <input type="hidden" id="http" name="http" value="5000"> <input type="hidden" id="https" name="https" value="5001"> <input type="hidden" id="prefer_https" name="prefer_https" value="false"> </body> <script type="text/javascript"> var protocol=location.protocol; var port=location.protocol === "https:" ? 5001 : 5000; var URL=protocol+"//"+location.hostname+":"+port+location.pathname+location.search; location.replace(URL); </script> </html>
Open service 90.73.215.217:445
2024-09-11 23:18
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:5000
2024-09-11 21:33
HTTP/1.1 200 OK Server: nginx Date: Wed, 11 Sep 2024 21:33:10 GMT Content-Type: text/html; charset="UTF-8" Transfer-Encoding: chunked Connection: close Vary: Accept-Encoding Cache-control: no-store X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block X-Frame-Options: SAMEORIGIN P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Security-Policy: base-uri 'self'; connect-src data: ws: wss: http: https:; default-src 'self' 'unsafe-eval' data: blob: https://*.synology.com https://www.synology.cn/ https://help.synology.cn/; font-src 'self' data: https://*.googleapis.com https://*.gstatic.com https://*.gstatic.com; form-action 'self'; frame-ancestors 'self'; frame-src 'self' data: blob: https://*.synology.com https://*.synology.cn http://*.synology.com http://*.synology.cn; img-src 'self' data: blob: https://*.google.com https://*.googleapis.com http://*.googlecode.com https://*.gstatic.com https://global.download.synology.com https://*.gstatic.com https://*.googleapis.com https://*.google.com http://*.baidu.com https://*.bdstatic.com https://*.bdimg.com; media-src 'self' data: about: https://*.synology.com https://help.synology.cn; script-src 'self' 'unsafe-eval' data: blob: https://maps.google.com https://ajax.googleapis.com https://help.synology.com https://help.synology.cn https://*.google.com https://*.googleapis.com https://*.baidu.com https://*.bdstatic.com https://*.bdimg.com; style-src 'self' 'unsafe-inline' https://*.googleapis.com https://*.googleapis.com https://api.map.baidu.com; Page title: DSM mobile - DS220plus <!DOCTYPE HTML> <html manifest=""> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"> <title>DSM mobile - DS220plus</title> <link href="/scripts/sencha-touch-2.4.1/resources/css/cupertino.css?v=42962" rel="stylesheet" type="text/css"> <link href="mobile/ui/style.css?v=42962" rel="stylesheet" type="text/css"> <link rel="shortcut icon" href="webman/favicon.ico?v=42962"> <script type="text/javascript" src="webapi/entry.cgi?api=SYNO.Core.Desktop.SessionData&version=1&method=getjs_mobile&SynoToken="></script> <script type="text/javascript" src="/scripts/sencha-touch-2.4.1/touch.js?v=42962"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.JSUIString&version=1&method=getjs&lang=enu&v=42962"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.UIString&version=1&method=getjs&lang=enu&v=42962"></script> <script src="webapi/entry.cgi?api=SYNO.Core.Desktop.Defs&version=1&method=getjs&v=42962&SynoToken="></script> <script type="text/javascript" src="mobile/ui/mobile.js?v=42962"></script> <script type="text/javascript" src="/synoSDSjslib/webapierrorcode.js?v=42962"></script> </head> <body class="syno-mobile-body"> <div class="x-mask x-loading-mask syno-mask" id="syno-mobile-preinit-mask" style="width:100%; height: 100%;"> <div class="syno-mask-ct" id="syno-mask-ct"> <div class="syno-mask-inner" id="syno-mask-loading"> <div class="syno-loading-icon"></div> <div class="syno-message x-mask-message syno-mask-message">Loading...</div> </div> <div id="syno-non-admin-redirect" style="visibility: hidden;"> <div class="syno-upper-part"><span id="syno-non-admin-redirect-desc"></span></div> <div class="syno-lower-part"><a id="syno-non-admin-redirect-button" class="x-syno-button" href="/?forceDesktop=2"></a></div> </div> </div> </div> </body> </html>
Open service 90.73.215.217:445
2024-09-10 09:43
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:443
2024-09-10 06:34
HTTP/1.1 200 OK Server: nginx Date: Tue, 10 Sep 2024 06:34:02 GMT Content-Type: text/html Content-Length: 543 Last-Modified: Tue, 30 Jul 2024 05:16:20 GMT Connection: close Accept-Ranges: bytes <!DOCTYPE html> <html> <body> <input type="hidden" id="http" name="http" value="5000"> <input type="hidden" id="https" name="https" value="5001"> <input type="hidden" id="prefer_https" name="prefer_https" value="false"> </body> <script type="text/javascript"> var protocol=location.protocol; var port=location.protocol === "https:" ? 5001 : 5000; var URL=protocol+"//"+location.hostname+":"+port+location.pathname+location.search; location.replace(URL); </script> </html>
Open service 90.73.215.217:445
2024-09-09 22:59
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:445
2024-09-07 22:31
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:445
2024-08-15 21:12
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:445
2024-08-13 21:31
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:445
2024-08-11 20:40
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:445
2024-08-09 20:13
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0
Open service 90.73.215.217:445
2024-08-07 20:10
SMB NTLMSSP handshake results: Found non-Windows 6.1 build 0