{"uuid": "1054384d-9794-4a32-912f-3fa060964dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/709", "content": "\"port:23 console gateway\" Polycom video-conference system no-auth shell \"\"polycom command shell\"\" NPort serial-to-eth / MoCA devices without password \"nport -keyin port:23\" Android Root Bridges\n\nA tangential result of Google's sloppy fractured update approach. \ud83d\ude44 More information here. \"\"Android Debug Bridge\" \"Device\" port:5555\" Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords \"Lantronix password port:30718 -secured\" Citrix Virtual Apps \"\"Citrix Applications:\" port:1604\" Cisco Smart Install\n\nVulnerable (kind of \"by design,\" but especially when exposed). \"\"smart install client active\"\" PBX IP Phone Gateways \"PBX \"gateway console\" -password port:23\" Polycom Video Conferencing \"http.title:\"- Polycom\" \"Server: lighttpd\"\" \"\"Polycom Command Shell\" -failed port:23\" Telnet Configuration: \"\"Polycom Command Shell\" -failed port:23\"\n\nExample: Polycom Video Conferencing Bomgar Help Desk Portal \"\"Server: Bomgar\" \"200 OK\"\" Intel Active Management CVE-2017-5689 \"\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995\" \"\"Active Management Technology\"\" HP iLO 4 CVE-2017-12542 \"HP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\" Lantronix ethernet adapter's admin interface without password \"\"Press Enter for Setup Mode port:9999\"\" Wifi Passwords:\n\nHelps to find the cleartext wifi passwords in Shodan. \"html:\"def_wirelesspassword\"\" Misconfigured Wordpress Sites:\n\nThe wp-config.php if accessed can give out the database credentials. \"http.html:\"* The wp-config.php creation script uses this file\"\" Outlook Web Access: Exchange 2007 \"\"x-owa-version\" \"IE=EmulateIE7\" \"Server: Microsoft-IIS/7.0\"\" Exchange 2010 \"\"x-owa-version\" \"IE=EmulateIE7\" http.favicon.hash:442749392\" Exchange 2013 / 2016 \"\"X-AspNet-Version\" http.title:\"Outlook\" -\"x-owa-version\"\" Lync / Skype for Business \"\"X-MS-Server-Fqdn\"\" Network Attached Storage (NAS) SMB (Samba) File Shares\n\nProduces ~500,000 results...narrow down by adding \"Documents\" or \"Videos\", etc. \"\"Authentication: disabled\" port:445\" Specifically domain controllers: \"\"Authentication: disabled\" NETLOGON SYSVOL -unix port:445\" Concerning default network shares of QuickBooks files: \"\"Authentication: disabled\" \"Shared this folder to access QuickBooks files OverNetwork\" -unix port:445\" FTP Servers with Anonymous Login \"\"220\" \"230 Login successful.\" port:21\" Iomega / LenovoEMC NAS Drives \"\"Set-Cookie: iomega=\" -\"manage/login.html\" -http.title:\"Log In\"\" Buffalo TeraStation NAS Drives \"Redirecting sencha port:9000\" Logitech Media Servers \"\"Server: Logitech Media Server\" \"200 OK\"\"\n\nExample: Logitech Media Servers Plex Media Servers \"\"X-Plex-Protocol\" \"200 OK\" port:32400\" Tautulli / PlexPy Dashboards \"\"CherryPy/5.1.0\" \"/home\"\" Home router attached USB \"\"IPC$ all storage devices\"\" Webcams Generic camera search \"title:camera\" Webcams with screenshots \"webcam has_screenshot:true\" D-Link webcams \"\"d-Link Internet Camera, 200 OK\"\" Hipcam \"\"Hipcam RealServer/V1.0\"\" Yawcams \"\"Server: yawcam\" \"Mime-Type: text/html\"\" webcamXP/webcam7 \"(\"webcam 7\" OR \"webcamXP\") http.component:\"mootools\" -401\" Android IP Webcam Server \"\"Server: IP Webcam Server\" \"200 OK\"\" Security DVRs \"html:\"DVR_H264 ActiveX\"\" Surveillance Cams:\n\nWith username:admin and password: :P \"NETSurveillance uc-httpd\" \"Server: uc-httpd 1.0.0\" Printers & Copiers: HP Printers \"\"Serial Number:\" \"Built:\" \"Server: HP HTTP\"\" Xerox Copiers/Printers \"ssl:\"Xerox Generic Root\"\" Epson Printers \"\"SERVER: EPSON_Linux UPnP\" \"200 OK\"\" \"\"Server: EPSON-HTTP\" \"200 OK\"\" Canon Printers \"\"Server: KS_HTTP\" \"200 OK\"\" \"\"Server: CANON HTTP Server\"\" Home Devices Yamaha Stereos \"\"Server: AV_Recei[...]", "creation_timestamp": "2024-03-18T14:36:35.000000Z"}