<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://db.gcve.eu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 17:25:10 +0000</lastBuildDate>
    <item>
      <title>c1d6cb9d-c040-4a39-af9f-3400f25896be</title>
      <link>https://db.gcve.eu/sighting/c1d6cb9d-c040-4a39-af9f-3400f25896be/export</link>
      <description>{"uuid": "c1d6cb9d-c040-4a39-af9f-3400f25896be", "vulnerability_lookup_origin": "c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "exploited", "source": "https://db.gcve.eu/known-exploited-vulnerabilities-catalog/fe026380-c375-4ff6-b489-8b01e189972d", "content": "", "creation_timestamp": "2026-07-01T05:54:35.931908Z"}</description>
      <content:encoded>{"uuid": "c1d6cb9d-c040-4a39-af9f-3400f25896be", "vulnerability_lookup_origin": "c8fb6bf1-f81f-4cb8-95b1-eadbb3b54ee8", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "exploited", "source": "https://db.gcve.eu/known-exploited-vulnerabilities-catalog/fe026380-c375-4ff6-b489-8b01e189972d", "content": "", "creation_timestamp": "2026-07-01T05:54:35.931908Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/c1d6cb9d-c040-4a39-af9f-3400f25896be/export</guid>
      <pubDate>Wed, 01 Jul 2026 05:54:35 +0000</pubDate>
    </item>
    <item>
      <title>dce88336-ab99-465b-9bac-ccbf05d65d4a</title>
      <link>https://db.gcve.eu/sighting/dce88336-ab99-465b-9bac-ccbf05d65d4a/export</link>
      <description>{"uuid": "dce88336-ab99-465b-9bac-ccbf05d65d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "published-proof-of-concept", "source": "Telegram/Xr5BEMPIRTUXMyC-epT6zatDmVm-MjIk_shJz3VkKTg4ZZ0", "content": "", "creation_timestamp": "2025-10-14T03:00:08.000000Z"}</description>
      <content:encoded>{"uuid": "dce88336-ab99-465b-9bac-ccbf05d65d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "published-proof-of-concept", "source": "Telegram/Xr5BEMPIRTUXMyC-epT6zatDmVm-MjIk_shJz3VkKTg4ZZ0", "content": "", "creation_timestamp": "2025-10-14T03:00:08.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/dce88336-ab99-465b-9bac-ccbf05d65d4a/export</guid>
      <pubDate>Tue, 14 Oct 2025 03:00:08 +0000</pubDate>
    </item>
    <item>
      <title>e2d63905-779d-41d5-81cc-90da50c75270</title>
      <link>https://db.gcve.eu/sighting/e2d63905-779d-41d5-81cc-90da50c75270/export</link>
      <description>{"uuid": "e2d63905-779d-41d5-81cc-90da50c75270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:53.000000Z"}</description>
      <content:encoded>{"uuid": "e2d63905-779d-41d5-81cc-90da50c75270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:09:53.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/e2d63905-779d-41d5-81cc-90da50c75270/export</guid>
      <pubDate>Sun, 23 Feb 2025 04:09:53 +0000</pubDate>
    </item>
    <item>
      <title>fe4b88f5-7b44-4b93-b154-7b2ecdb93db2</title>
      <link>https://db.gcve.eu/sighting/fe4b88f5-7b44-4b93-b154-7b2ecdb93db2/export</link>
      <description>{"uuid": "fe4b88f5-7b44-4b93-b154-7b2ecdb93db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}</description>
      <content:encoded>{"uuid": "fe4b88f5-7b44-4b93-b154-7b2ecdb93db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/fe4b88f5-7b44-4b93-b154-7b2ecdb93db2/export</guid>
      <pubDate>Thu, 06 Feb 2025 03:13:43 +0000</pubDate>
    </item>
    <item>
      <title>2659e877-9e91-4559-a71c-f40bd88be00e</title>
      <link>https://db.gcve.eu/sighting/2659e877-9e91-4559-a71c-f40bd88be00e/export</link>
      <description>{"uuid": "2659e877-9e91-4559-a71c-f40bd88be00e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "https://t.me/VasileiadisAnastasis/631", "content": "GaugeTech Electricity Meters\n\"Server: EIG Embedded Web Server\" \"200 Document follows\"\n\nSiemens Industrial Automation\n\"Siemens, SIMATIC\" port:161\n\nSiemens HVAC Controllers\n\"Server: Microsoft-WinCE\" \"Content-Length: 12581\"\n\nDoor / Lock Access Controllers\n\"HID VertX\" port:4070\n\nRailroad Management\n\"log off\" \"select the appropriate\"\n\nTesla Powerpack charging Status:\nHelps to find the charging status of tesla powerpack. http.title:\"Tesla PowerPack System\" http.component:\"d3\" -ga3ca4f2\n\nXZERES Wind Turbine\ntitle:\"xzeres wind\"\n\nPIPS Automated License Plate Reader\n\"html:\"PIPS Technology ALPR Processors\"\"\n\nModbus\n\"port:502\"\n\nNiagara Fox\n\"port:1911,4911 product:Niagara\"\n\nGE-SRTP\n\"port:18245,18246 product:\"general electric\"\"\n\nMELSEC-Q\n\"port:5006,5007 product:mitsubishi\"\n\nCODESYS\n\"port:2455 operating system\"\n\nS7\n\"port:102\"\n\nBACnet\n\"port:47808\"\n\nHART-IP\n\"port:5094 hart-ip\"\n\nOmron FINS\n\"port:9600 response code\"\n\nIEC 60870-5-104\n\"port:2404 asdu address\"\n\nDNP3\n\"port:20000 source address\"\n\nEtherNet/IP\n\"port:44818\"\n\nPCWorx\n\"port:1962 PLC\"\n\nCrimson v3.0\n\"port:789 product:\"Red Lion Controls\"\n\nProConOS\n\"port:20547 PLC\"\n\nRemote Desktop\nUnprotected VNC\n\"authentication disabled\" port:5900,5901 \"authentication disabled\" \"RFB 003.008\"\n\nWindows RDP\n99.99% are secured by a secondary Windows login screen.\n\n\"\\x03\\x00\\x00\\x0b\\x06\\xd0\\x00\\x00\\x124\\x00\"\n\nC2 Infrastructure\nCobaltStrike Servers\nproduct:\"cobalt strike team server\" product:\"Cobalt Strike Beacon\" ssl.cert.serial:146473198 - default certificate serial number ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1 ssl:foren.zik\n\nBrute Ratel\nhttp.html_hash:-1957161625 product:\"Brute Ratel C4\"\n\nCovenant\nssl:\u201dCovenant\u201d http.component:\u201dBlazor\u201d\n\nMetasploit\nssl:\"MetasploitSelfSignedCA\"\n\nNetwork Infrastructure\nHacked routers:\nRouters which got compromised hacked-router-help-sos\n\nRedis open instances\nproduct:\"Redis key-value store\"\n\nCitrix:\nFind Citrix Gateway. title:\"citrix gateway\"\n\n\ud83d\udc33Weave Scope Dashboards\nCommand-line access inside Kubernetes pods and Docker containers, and real-time visualization/monitoring of the entire infrastructure.\n\ntitle:\"Weave Scope\" http.favicon.hash:567176827\n\nJenkins CI\n\"X-Jenkins\" \"Set-Cookie: JSESSIONID\" http.title:\"Dashboard\"\n\nJenkins:\nJenkins Unrestricted Dashboard x-jenkins 200\n\nDocker APIs\n\"Docker Containers:\" port:2375\n\nDocker Private Registries\n\"Docker-Distribution-Api-Version: registry\" \"200 OK\" -gitlab\n\nPi-hole Open DNS Servers\n\"dnsmasq-pi-hole\" \"Recursion: enabled\"\n\nDNS Servers with recursion\n\"port: 53\" Recursion: Enabled\n\nAlready Logged-In as root via Telnet\n\"root@\" port:23 -login -password -name -Session\n\nTelnet Access:\nNO password required for telnet access. port:23 console gateway\n\nPolycom video-conference system no-auth shell\n\"polycom command shell\"\n\nNPort serial-to-eth / MoCA devices without password\nnport -keyin port:23\n\n\"Android Debug Bridge\" \"Device\" port:5555\n\nLantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords\nLantronix password port:30718 -secured\n\nCitrix Virtual Apps\n\"Citrix Applications:\" port:1604\n\nCisco Smart Install\nVulnerable (kind of \"by design,\" but especially when exposed).\n\n\"smart install client active\"\n\nPBX IP Phone Gateways\nPBX \"gateway console\" -password port:23\n\nPolycom Video Conferencing\nhttp.title:\"- Polycom\" \"Server: lighttpd\" \"Polycom Command Shell\" -failed port:23\n\nTelnet Configuration:\n\"Polycom Command Shell\" -failed port:23\n\nExample: Polycom Video Conferencing\n\nBomgar Help Desk Portal\n\"Server: Bomgar\" \"200 OK\"\n\nIntel Active Management CVE-2017-5689\n\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995 \u201dActive Management Technology\u201d\n\nHP iLO 4 CVE-2017-12542\nHP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\n\nLantronix ethernet adapter\u2019s admin interface without password\n\"Press Enter for Setup Mode port:9999\"\n\nWifi Passwords:\nHelps to find the cleartext wifi passwords in Shodan. html:\"def_wirelesspassword\"", "creation_timestamp": "2024-04-02T20:22:47.000000Z"}</description>
      <content:encoded>{"uuid": "2659e877-9e91-4559-a71c-f40bd88be00e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "https://t.me/VasileiadisAnastasis/631", "content": "GaugeTech Electricity Meters\n\"Server: EIG Embedded Web Server\" \"200 Document follows\"\n\nSiemens Industrial Automation\n\"Siemens, SIMATIC\" port:161\n\nSiemens HVAC Controllers\n\"Server: Microsoft-WinCE\" \"Content-Length: 12581\"\n\nDoor / Lock Access Controllers\n\"HID VertX\" port:4070\n\nRailroad Management\n\"log off\" \"select the appropriate\"\n\nTesla Powerpack charging Status:\nHelps to find the charging status of tesla powerpack. http.title:\"Tesla PowerPack System\" http.component:\"d3\" -ga3ca4f2\n\nXZERES Wind Turbine\ntitle:\"xzeres wind\"\n\nPIPS Automated License Plate Reader\n\"html:\"PIPS Technology ALPR Processors\"\"\n\nModbus\n\"port:502\"\n\nNiagara Fox\n\"port:1911,4911 product:Niagara\"\n\nGE-SRTP\n\"port:18245,18246 product:\"general electric\"\"\n\nMELSEC-Q\n\"port:5006,5007 product:mitsubishi\"\n\nCODESYS\n\"port:2455 operating system\"\n\nS7\n\"port:102\"\n\nBACnet\n\"port:47808\"\n\nHART-IP\n\"port:5094 hart-ip\"\n\nOmron FINS\n\"port:9600 response code\"\n\nIEC 60870-5-104\n\"port:2404 asdu address\"\n\nDNP3\n\"port:20000 source address\"\n\nEtherNet/IP\n\"port:44818\"\n\nPCWorx\n\"port:1962 PLC\"\n\nCrimson v3.0\n\"port:789 product:\"Red Lion Controls\"\n\nProConOS\n\"port:20547 PLC\"\n\nRemote Desktop\nUnprotected VNC\n\"authentication disabled\" port:5900,5901 \"authentication disabled\" \"RFB 003.008\"\n\nWindows RDP\n99.99% are secured by a secondary Windows login screen.\n\n\"\\x03\\x00\\x00\\x0b\\x06\\xd0\\x00\\x00\\x124\\x00\"\n\nC2 Infrastructure\nCobaltStrike Servers\nproduct:\"cobalt strike team server\" product:\"Cobalt Strike Beacon\" ssl.cert.serial:146473198 - default certificate serial number ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1 ssl:foren.zik\n\nBrute Ratel\nhttp.html_hash:-1957161625 product:\"Brute Ratel C4\"\n\nCovenant\nssl:\u201dCovenant\u201d http.component:\u201dBlazor\u201d\n\nMetasploit\nssl:\"MetasploitSelfSignedCA\"\n\nNetwork Infrastructure\nHacked routers:\nRouters which got compromised hacked-router-help-sos\n\nRedis open instances\nproduct:\"Redis key-value store\"\n\nCitrix:\nFind Citrix Gateway. title:\"citrix gateway\"\n\n\ud83d\udc33Weave Scope Dashboards\nCommand-line access inside Kubernetes pods and Docker containers, and real-time visualization/monitoring of the entire infrastructure.\n\ntitle:\"Weave Scope\" http.favicon.hash:567176827\n\nJenkins CI\n\"X-Jenkins\" \"Set-Cookie: JSESSIONID\" http.title:\"Dashboard\"\n\nJenkins:\nJenkins Unrestricted Dashboard x-jenkins 200\n\nDocker APIs\n\"Docker Containers:\" port:2375\n\nDocker Private Registries\n\"Docker-Distribution-Api-Version: registry\" \"200 OK\" -gitlab\n\nPi-hole Open DNS Servers\n\"dnsmasq-pi-hole\" \"Recursion: enabled\"\n\nDNS Servers with recursion\n\"port: 53\" Recursion: Enabled\n\nAlready Logged-In as root via Telnet\n\"root@\" port:23 -login -password -name -Session\n\nTelnet Access:\nNO password required for telnet access. port:23 console gateway\n\nPolycom video-conference system no-auth shell\n\"polycom command shell\"\n\nNPort serial-to-eth / MoCA devices without password\nnport -keyin port:23\n\n\"Android Debug Bridge\" \"Device\" port:5555\n\nLantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords\nLantronix password port:30718 -secured\n\nCitrix Virtual Apps\n\"Citrix Applications:\" port:1604\n\nCisco Smart Install\nVulnerable (kind of \"by design,\" but especially when exposed).\n\n\"smart install client active\"\n\nPBX IP Phone Gateways\nPBX \"gateway console\" -password port:23\n\nPolycom Video Conferencing\nhttp.title:\"- Polycom\" \"Server: lighttpd\" \"Polycom Command Shell\" -failed port:23\n\nTelnet Configuration:\n\"Polycom Command Shell\" -failed port:23\n\nExample: Polycom Video Conferencing\n\nBomgar Help Desk Portal\n\"Server: Bomgar\" \"200 OK\"\n\nIntel Active Management CVE-2017-5689\n\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995 \u201dActive Management Technology\u201d\n\nHP iLO 4 CVE-2017-12542\nHP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\n\nLantronix ethernet adapter\u2019s admin interface without password\n\"Press Enter for Setup Mode port:9999\"\n\nWifi Passwords:\nHelps to find the cleartext wifi passwords in Shodan. html:\"def_wirelesspassword\"", "creation_timestamp": "2024-04-02T20:22:47.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/2659e877-9e91-4559-a71c-f40bd88be00e/export</guid>
      <pubDate>Tue, 02 Apr 2024 20:22:47 +0000</pubDate>
    </item>
    <item>
      <title>9db337b3-3d55-4acc-8b64-56bde857ceaa</title>
      <link>https://db.gcve.eu/sighting/9db337b3-3d55-4acc-8b64-56bde857ceaa/export</link>
      <description>{"uuid": "9db337b3-3d55-4acc-8b64-56bde857ceaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "exploited", "source": "https://t.me/VasileiadisAnastasis/634", "content": "GaugeTech Electricity Meters\n\"Server: EIG Embedded Web Server\" \"200 Document follows\"\n\nSiemens Industrial Automation\n\"Siemens, SIMATIC\" port:161\n\nSiemens HVAC Controllers\n\"Server: Microsoft-WinCE\" \"Content-Length: 12581\"\n\nDoor / Lock Access Controllers\n\"HID VertX\" port:4070\n\nRailroad Management\n\"log off\" \"select the appropriate\"\n\nTesla Powerpack charging Status:\nHelps to find the charging status of tesla powerpack. http.title:\"Tesla PowerPack System\" http.component:\"d3\" -ga3ca4f2\n\nXZERES Wind Turbine\ntitle:\"xzeres wind\"\n\nPIPS Automated License Plate Reader\n\"html:\"PIPS Technology ALPR Processors\"\"\n\nModbus\n\"port:502\"\n\nNiagara Fox\n\"port:1911,4911 product:Niagara\"\n\nGE-SRTP\n\"port:18245,18246 product:\"general electric\"\"\n\nMELSEC-Q\n\"port:5006,5007 product:mitsubishi\"\n\nCODESYS\n\"port:2455 operating system\"\n\nS7\n\"port:102\"\n\nBACnet\n\"port:47808\"\n\nHART-IP\n\"port:5094 hart-ip\"\n\nOmron FINS\n\"port:9600 response code\"\n\nIEC 60870-5-104\n\"port:2404 asdu address\"\n\nDNP3\n\"port:20000 source address\"\n\nEtherNet/IP\n\"port:44818\"\n\nPCWorx\n\"port:1962 PLC\"\n\nCrimson v3.0\n\"port:789 product:\"Red Lion Controls\"\n\nProConOS\n\"port:20547 PLC\"\n\n\ud83d\udd30Remote Desktop\n\nUnprotected VNC\n\"authentication disabled\" port:5900,5901 \"authentication disabled\" \"RFB 003.008\"\n\nWindows RDP\n99.99% are secured by a secondary Windows login screen.\n\n\"\\x03\\x00\\x00\\x0b\\x06\\xd0\\x00\\x00\\x124\\x00\"\n\n\ud83d\udd30C2 Infrastructure\n\nCobaltStrike Servers\nproduct:\"cobalt strike team server\" product:\"Cobalt Strike Beacon\" ssl.cert.serial:146473198 - default certificate serial number ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1 ssl:foren.zik\n\nBrute Ratel\nhttp.html_hash:-1957161625 product:\"Brute Ratel C4\"\n\nCovenant\nssl:\u201dCovenant\u201d http.component:\u201dBlazor\u201d\n\nMetasploit\nssl:\"MetasploitSelfSignedCA\"\n\n\ud83d\udd30Network Infrastructure\n\nHacked routers:\nRouters which got compromised hacked-router-help-sos\n\nRedis open instances\nproduct:\"Redis key-value store\"\n\nCitrix:\nFind Citrix Gateway. title:\"citrix gateway\"\n\n\ud83d\udc33Weave Scope Dashboards\nCommand-line access inside Kubernetes pods and Docker containers, and real-time visualization/monitoring of the entire infrastructure.\n\ntitle:\"Weave Scope\" http.favicon.hash:567176827\n\nJenkins CI\n\"X-Jenkins\" \"Set-Cookie: JSESSIONID\" http.title:\"Dashboard\"\n\nJenkins:\nJenkins Unrestricted Dashboard x-jenkins 200\n\nDocker APIs\n\"Docker Containers:\" port:2375\n\nDocker Private Registries\n\"Docker-Distribution-Api-Version: registry\" \"200 OK\" -gitlab\n\nPi-hole Open DNS Servers\n\"dnsmasq-pi-hole\" \"Recursion: enabled\"\n\nDNS Servers with recursion\n\"port: 53\" Recursion: Enabled\n\nAlready Logged-In as root via Telnet\n\"root@\" port:23 -login -password -name -Session\n\nTelnet Access:\nNO password required for telnet access. port:23 console gateway\n\nPolycom video-conference system no-auth shell\n\"polycom command shell\"\n\nNPort serial-to-eth / MoCA devices without password\nnport -keyin port:23\n\n\"Android Debug Bridge\" \"Device\" port:5555\n\nLantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords\nLantronix password port:30718 -secured\n\nCitrix Virtual Apps\n\"Citrix Applications:\" port:1604\n\nCisco Smart Install\nVulnerable (kind of \"by design,\" but especially when exposed).\n\n\"smart install client active\"\n\nPBX IP Phone Gateways\nPBX \"gateway console\" -password port:23\n\nPolycom Video Conferencing\nhttp.title:\"- Polycom\" \"Server: lighttpd\" \"Polycom Command Shell\" -failed port:23\n\nTelnet Configuration:\n\"Polycom Command Shell\" -failed port:23\n\nExample: Polycom Video Conferencing\n\nBomgar Help Desk Portal\n\"Server: Bomgar\" \"200 OK\"\n\nIntel Active Management CVE-2017-5689\n\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995 \u201dActive Management Technology\u201d\n\nHP iLO 4 CVE-2017-12542\nHP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\n\nLantronix ethernet adapter\u2019s admin interface without password\n\"Press Enter for Setup Mode port:9999\"\n\nWifi Passwords:\nHelps to find the cleartext wifi passwords in Shodan. html:\"def_wirelesspassword\"", "creation_timestamp": "2024-04-02T15:27:21.000000Z"}</description>
      <content:encoded>{"uuid": "9db337b3-3d55-4acc-8b64-56bde857ceaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "exploited", "source": "https://t.me/VasileiadisAnastasis/634", "content": "GaugeTech Electricity Meters\n\"Server: EIG Embedded Web Server\" \"200 Document follows\"\n\nSiemens Industrial Automation\n\"Siemens, SIMATIC\" port:161\n\nSiemens HVAC Controllers\n\"Server: Microsoft-WinCE\" \"Content-Length: 12581\"\n\nDoor / Lock Access Controllers\n\"HID VertX\" port:4070\n\nRailroad Management\n\"log off\" \"select the appropriate\"\n\nTesla Powerpack charging Status:\nHelps to find the charging status of tesla powerpack. http.title:\"Tesla PowerPack System\" http.component:\"d3\" -ga3ca4f2\n\nXZERES Wind Turbine\ntitle:\"xzeres wind\"\n\nPIPS Automated License Plate Reader\n\"html:\"PIPS Technology ALPR Processors\"\"\n\nModbus\n\"port:502\"\n\nNiagara Fox\n\"port:1911,4911 product:Niagara\"\n\nGE-SRTP\n\"port:18245,18246 product:\"general electric\"\"\n\nMELSEC-Q\n\"port:5006,5007 product:mitsubishi\"\n\nCODESYS\n\"port:2455 operating system\"\n\nS7\n\"port:102\"\n\nBACnet\n\"port:47808\"\n\nHART-IP\n\"port:5094 hart-ip\"\n\nOmron FINS\n\"port:9600 response code\"\n\nIEC 60870-5-104\n\"port:2404 asdu address\"\n\nDNP3\n\"port:20000 source address\"\n\nEtherNet/IP\n\"port:44818\"\n\nPCWorx\n\"port:1962 PLC\"\n\nCrimson v3.0\n\"port:789 product:\"Red Lion Controls\"\n\nProConOS\n\"port:20547 PLC\"\n\n\ud83d\udd30Remote Desktop\n\nUnprotected VNC\n\"authentication disabled\" port:5900,5901 \"authentication disabled\" \"RFB 003.008\"\n\nWindows RDP\n99.99% are secured by a secondary Windows login screen.\n\n\"\\x03\\x00\\x00\\x0b\\x06\\xd0\\x00\\x00\\x124\\x00\"\n\n\ud83d\udd30C2 Infrastructure\n\nCobaltStrike Servers\nproduct:\"cobalt strike team server\" product:\"Cobalt Strike Beacon\" ssl.cert.serial:146473198 - default certificate serial number ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1 ssl:foren.zik\n\nBrute Ratel\nhttp.html_hash:-1957161625 product:\"Brute Ratel C4\"\n\nCovenant\nssl:\u201dCovenant\u201d http.component:\u201dBlazor\u201d\n\nMetasploit\nssl:\"MetasploitSelfSignedCA\"\n\n\ud83d\udd30Network Infrastructure\n\nHacked routers:\nRouters which got compromised hacked-router-help-sos\n\nRedis open instances\nproduct:\"Redis key-value store\"\n\nCitrix:\nFind Citrix Gateway. title:\"citrix gateway\"\n\n\ud83d\udc33Weave Scope Dashboards\nCommand-line access inside Kubernetes pods and Docker containers, and real-time visualization/monitoring of the entire infrastructure.\n\ntitle:\"Weave Scope\" http.favicon.hash:567176827\n\nJenkins CI\n\"X-Jenkins\" \"Set-Cookie: JSESSIONID\" http.title:\"Dashboard\"\n\nJenkins:\nJenkins Unrestricted Dashboard x-jenkins 200\n\nDocker APIs\n\"Docker Containers:\" port:2375\n\nDocker Private Registries\n\"Docker-Distribution-Api-Version: registry\" \"200 OK\" -gitlab\n\nPi-hole Open DNS Servers\n\"dnsmasq-pi-hole\" \"Recursion: enabled\"\n\nDNS Servers with recursion\n\"port: 53\" Recursion: Enabled\n\nAlready Logged-In as root via Telnet\n\"root@\" port:23 -login -password -name -Session\n\nTelnet Access:\nNO password required for telnet access. port:23 console gateway\n\nPolycom video-conference system no-auth shell\n\"polycom command shell\"\n\nNPort serial-to-eth / MoCA devices without password\nnport -keyin port:23\n\n\"Android Debug Bridge\" \"Device\" port:5555\n\nLantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords\nLantronix password port:30718 -secured\n\nCitrix Virtual Apps\n\"Citrix Applications:\" port:1604\n\nCisco Smart Install\nVulnerable (kind of \"by design,\" but especially when exposed).\n\n\"smart install client active\"\n\nPBX IP Phone Gateways\nPBX \"gateway console\" -password port:23\n\nPolycom Video Conferencing\nhttp.title:\"- Polycom\" \"Server: lighttpd\" \"Polycom Command Shell\" -failed port:23\n\nTelnet Configuration:\n\"Polycom Command Shell\" -failed port:23\n\nExample: Polycom Video Conferencing\n\nBomgar Help Desk Portal\n\"Server: Bomgar\" \"200 OK\"\n\nIntel Active Management CVE-2017-5689\n\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995 \u201dActive Management Technology\u201d\n\nHP iLO 4 CVE-2017-12542\nHP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\n\nLantronix ethernet adapter\u2019s admin interface without password\n\"Press Enter for Setup Mode port:9999\"\n\nWifi Passwords:\nHelps to find the cleartext wifi passwords in Shodan. html:\"def_wirelesspassword\"", "creation_timestamp": "2024-04-02T15:27:21.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/9db337b3-3d55-4acc-8b64-56bde857ceaa/export</guid>
      <pubDate>Tue, 02 Apr 2024 15:27:21 +0000</pubDate>
    </item>
    <item>
      <title>36573e2a-9937-42c0-9892-d3327d1d9ba9</title>
      <link>https://db.gcve.eu/sighting/36573e2a-9937-42c0-9892-d3327d1d9ba9/export</link>
      <description>{"uuid": "36573e2a-9937-42c0-9892-d3327d1d9ba9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/4206", "content": "\"port:23 console gateway\" Polycom video-conference system no-auth shell \"\"polycom command shell\"\" NPort serial-to-eth / MoCA devices without password \"nport -keyin port:23\" Android Root Bridges\n\nA tangential result of Google's sloppy fractured update approach. \ud83d\ude44 More information here. \"\"Android Debug Bridge\" \"Device\" port:5555\" Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords \"Lantronix password port:30718 -secured\" Citrix Virtual Apps \"\"Citrix Applications:\" port:1604\" Cisco Smart Install\n\nVulnerable (kind of \"by design,\" but especially when exposed). \"\"smart install client active\"\" PBX IP Phone Gateways \"PBX \"gateway console\" -password port:23\" Polycom Video Conferencing \"http.title:\"- Polycom\" \"Server: lighttpd\"\" \"\"Polycom Command Shell\" -failed port:23\" Telnet Configuration: \"\"Polycom Command Shell\" -failed port:23\"\n\nExample: Polycom Video Conferencing Bomgar Help Desk Portal \"\"Server: Bomgar\" \"200 OK\"\" Intel Active Management CVE-2017-5689 \"\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995\" \"\"Active Management Technology\"\" HP iLO 4 CVE-2017-12542 \"HP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\" Lantronix ethernet adapter's admin interface without password \"\"Press Enter for Setup Mode port:9999\"\" Wifi Passwords:\n\nHelps to find the cleartext wifi passwords in Shodan. \"html:\"def_wirelesspassword\"\" Misconfigured Wordpress Sites:\n\nThe wp-config.php if accessed can give out the database credentials. \"http.html:\"* The wp-config.php creation script uses this file\"\" Outlook Web Access: Exchange 2007 \"\"x-owa-version\" \"IE=EmulateIE7\" \"Server: Microsoft-IIS/7.0\"\" Exchange 2010 \"\"x-owa-version\" \"IE=EmulateIE7\" http.favicon.hash:442749392\" Exchange 2013 / 2016 \"\"X-AspNet-Version\" http.title:\"Outlook\" -\"x-owa-version\"\" Lync / Skype for Business \"\"X-MS-Server-Fqdn\"\" Network Attached Storage (NAS) SMB (Samba) File Shares\n\nProduces ~500,000 results...narrow down by adding \"Documents\" or \"Videos\", etc. \"\"Authentication: disabled\" port:445\" Specifically domain controllers: \"\"Authentication: disabled\" NETLOGON SYSVOL -unix port:445\" Concerning default network shares of QuickBooks files: \"\"Authentication: disabled\" \"Shared this folder to access QuickBooks files OverNetwork\" -unix port:445\" FTP Servers with Anonymous Login \"\"220\" \"230 Login successful.\" port:21\" Iomega / LenovoEMC NAS Drives \"\"Set-Cookie: iomega=\" -\"manage/login.html\" -http.title:\"Log In\"\" Buffalo TeraStation NAS Drives \"Redirecting sencha port:9000\" Logitech Media Servers \"\"Server: Logitech Media Server\" \"200 OK\"\"\n\nExample: Logitech Media Servers Plex Media Servers \"\"X-Plex-Protocol\" \"200 OK\" port:32400\" Tautulli / PlexPy Dashboards \"\"CherryPy/5.1.0\" \"/home\"\" Home router attached USB \"\"IPC$ all storage devices\"\" Webcams Generic camera search \"title:camera\" Webcams with screenshots \"webcam has_screenshot:true\" D-Link webcams \"\"d-Link Internet Camera, 200 OK\"\" Hipcam \"\"Hipcam RealServer/V1.0\"\" Yawcams \"\"Server: yawcam\" \"Mime-Type: text/html\"\" webcamXP/webcam7 \"(\"webcam 7\" OR \"webcamXP\") http.component:\"mootools\" -401\" Android IP Webcam Server \"\"Server: IP Webcam Server\" \"200 OK\"\" Security DVRs \"html:\"DVR_H264 ActiveX\"\" Surveillance Cams:\n\nWith username:admin and password: :P \"NETSurveillance uc-httpd\" \"Server: uc-httpd 1.0.0\" Printers &amp;amp; Copiers: HP Printers \"\"Serial Number:\" \"Built:\" \"Server: HP HTTP\"\" Xerox Copiers/Printers \"ssl:\"Xerox Generic Root\"\" Epson Printers \"\"SERVER: EPSON_Linux UPnP\" \"200 OK\"\" \"\"Server: EPSON-HTTP\" \"200 OK\"\" Canon Printers \"\"Server: KS_HTTP\" \"200 OK\"\" \"\"Server: CANON HTTP Server\"\" Home Devices Yamaha Stereos \"\"Server: AV_Recei[...]", "creation_timestamp": "2024-03-18T14:36:35.000000Z"}</description>
      <content:encoded>{"uuid": "36573e2a-9937-42c0-9892-d3327d1d9ba9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/4206", "content": "\"port:23 console gateway\" Polycom video-conference system no-auth shell \"\"polycom command shell\"\" NPort serial-to-eth / MoCA devices without password \"nport -keyin port:23\" Android Root Bridges\n\nA tangential result of Google's sloppy fractured update approach. \ud83d\ude44 More information here. \"\"Android Debug Bridge\" \"Device\" port:5555\" Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords \"Lantronix password port:30718 -secured\" Citrix Virtual Apps \"\"Citrix Applications:\" port:1604\" Cisco Smart Install\n\nVulnerable (kind of \"by design,\" but especially when exposed). \"\"smart install client active\"\" PBX IP Phone Gateways \"PBX \"gateway console\" -password port:23\" Polycom Video Conferencing \"http.title:\"- Polycom\" \"Server: lighttpd\"\" \"\"Polycom Command Shell\" -failed port:23\" Telnet Configuration: \"\"Polycom Command Shell\" -failed port:23\"\n\nExample: Polycom Video Conferencing Bomgar Help Desk Portal \"\"Server: Bomgar\" \"200 OK\"\" Intel Active Management CVE-2017-5689 \"\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995\" \"\"Active Management Technology\"\" HP iLO 4 CVE-2017-12542 \"HP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\" Lantronix ethernet adapter's admin interface without password \"\"Press Enter for Setup Mode port:9999\"\" Wifi Passwords:\n\nHelps to find the cleartext wifi passwords in Shodan. \"html:\"def_wirelesspassword\"\" Misconfigured Wordpress Sites:\n\nThe wp-config.php if accessed can give out the database credentials. \"http.html:\"* The wp-config.php creation script uses this file\"\" Outlook Web Access: Exchange 2007 \"\"x-owa-version\" \"IE=EmulateIE7\" \"Server: Microsoft-IIS/7.0\"\" Exchange 2010 \"\"x-owa-version\" \"IE=EmulateIE7\" http.favicon.hash:442749392\" Exchange 2013 / 2016 \"\"X-AspNet-Version\" http.title:\"Outlook\" -\"x-owa-version\"\" Lync / Skype for Business \"\"X-MS-Server-Fqdn\"\" Network Attached Storage (NAS) SMB (Samba) File Shares\n\nProduces ~500,000 results...narrow down by adding \"Documents\" or \"Videos\", etc. \"\"Authentication: disabled\" port:445\" Specifically domain controllers: \"\"Authentication: disabled\" NETLOGON SYSVOL -unix port:445\" Concerning default network shares of QuickBooks files: \"\"Authentication: disabled\" \"Shared this folder to access QuickBooks files OverNetwork\" -unix port:445\" FTP Servers with Anonymous Login \"\"220\" \"230 Login successful.\" port:21\" Iomega / LenovoEMC NAS Drives \"\"Set-Cookie: iomega=\" -\"manage/login.html\" -http.title:\"Log In\"\" Buffalo TeraStation NAS Drives \"Redirecting sencha port:9000\" Logitech Media Servers \"\"Server: Logitech Media Server\" \"200 OK\"\"\n\nExample: Logitech Media Servers Plex Media Servers \"\"X-Plex-Protocol\" \"200 OK\" port:32400\" Tautulli / PlexPy Dashboards \"\"CherryPy/5.1.0\" \"/home\"\" Home router attached USB \"\"IPC$ all storage devices\"\" Webcams Generic camera search \"title:camera\" Webcams with screenshots \"webcam has_screenshot:true\" D-Link webcams \"\"d-Link Internet Camera, 200 OK\"\" Hipcam \"\"Hipcam RealServer/V1.0\"\" Yawcams \"\"Server: yawcam\" \"Mime-Type: text/html\"\" webcamXP/webcam7 \"(\"webcam 7\" OR \"webcamXP\") http.component:\"mootools\" -401\" Android IP Webcam Server \"\"Server: IP Webcam Server\" \"200 OK\"\" Security DVRs \"html:\"DVR_H264 ActiveX\"\" Surveillance Cams:\n\nWith username:admin and password: :P \"NETSurveillance uc-httpd\" \"Server: uc-httpd 1.0.0\" Printers &amp;amp; Copiers: HP Printers \"\"Serial Number:\" \"Built:\" \"Server: HP HTTP\"\" Xerox Copiers/Printers \"ssl:\"Xerox Generic Root\"\" Epson Printers \"\"SERVER: EPSON_Linux UPnP\" \"200 OK\"\" \"\"Server: EPSON-HTTP\" \"200 OK\"\" Canon Printers \"\"Server: KS_HTTP\" \"200 OK\"\" \"\"Server: CANON HTTP Server\"\" Home Devices Yamaha Stereos \"\"Server: AV_Recei[...]", "creation_timestamp": "2024-03-18T14:36:35.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/36573e2a-9937-42c0-9892-d3327d1d9ba9/export</guid>
      <pubDate>Mon, 18 Mar 2024 14:36:35 +0000</pubDate>
    </item>
    <item>
      <title>1054384d-9794-4a32-912f-3fa060964dc3</title>
      <link>https://db.gcve.eu/sighting/1054384d-9794-4a32-912f-3fa060964dc3/export</link>
      <description>{"uuid": "1054384d-9794-4a32-912f-3fa060964dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/709", "content": "\"port:23 console gateway\" Polycom video-conference system no-auth shell \"\"polycom command shell\"\" NPort serial-to-eth / MoCA devices without password \"nport -keyin port:23\" Android Root Bridges\n\nA tangential result of Google's sloppy fractured update approach. \ud83d\ude44 More information here. \"\"Android Debug Bridge\" \"Device\" port:5555\" Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords \"Lantronix password port:30718 -secured\" Citrix Virtual Apps \"\"Citrix Applications:\" port:1604\" Cisco Smart Install\n\nVulnerable (kind of \"by design,\" but especially when exposed). \"\"smart install client active\"\" PBX IP Phone Gateways \"PBX \"gateway console\" -password port:23\" Polycom Video Conferencing \"http.title:\"- Polycom\" \"Server: lighttpd\"\" \"\"Polycom Command Shell\" -failed port:23\" Telnet Configuration: \"\"Polycom Command Shell\" -failed port:23\"\n\nExample: Polycom Video Conferencing Bomgar Help Desk Portal \"\"Server: Bomgar\" \"200 OK\"\" Intel Active Management CVE-2017-5689 \"\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995\" \"\"Active Management Technology\"\" HP iLO 4 CVE-2017-12542 \"HP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\" Lantronix ethernet adapter's admin interface without password \"\"Press Enter for Setup Mode port:9999\"\" Wifi Passwords:\n\nHelps to find the cleartext wifi passwords in Shodan. \"html:\"def_wirelesspassword\"\" Misconfigured Wordpress Sites:\n\nThe wp-config.php if accessed can give out the database credentials. \"http.html:\"* The wp-config.php creation script uses this file\"\" Outlook Web Access: Exchange 2007 \"\"x-owa-version\" \"IE=EmulateIE7\" \"Server: Microsoft-IIS/7.0\"\" Exchange 2010 \"\"x-owa-version\" \"IE=EmulateIE7\" http.favicon.hash:442749392\" Exchange 2013 / 2016 \"\"X-AspNet-Version\" http.title:\"Outlook\" -\"x-owa-version\"\" Lync / Skype for Business \"\"X-MS-Server-Fqdn\"\" Network Attached Storage (NAS) SMB (Samba) File Shares\n\nProduces ~500,000 results...narrow down by adding \"Documents\" or \"Videos\", etc. \"\"Authentication: disabled\" port:445\" Specifically domain controllers: \"\"Authentication: disabled\" NETLOGON SYSVOL -unix port:445\" Concerning default network shares of QuickBooks files: \"\"Authentication: disabled\" \"Shared this folder to access QuickBooks files OverNetwork\" -unix port:445\" FTP Servers with Anonymous Login \"\"220\" \"230 Login successful.\" port:21\" Iomega / LenovoEMC NAS Drives \"\"Set-Cookie: iomega=\" -\"manage/login.html\" -http.title:\"Log In\"\" Buffalo TeraStation NAS Drives \"Redirecting sencha port:9000\" Logitech Media Servers \"\"Server: Logitech Media Server\" \"200 OK\"\"\n\nExample: Logitech Media Servers Plex Media Servers \"\"X-Plex-Protocol\" \"200 OK\" port:32400\" Tautulli / PlexPy Dashboards \"\"CherryPy/5.1.0\" \"/home\"\" Home router attached USB \"\"IPC$ all storage devices\"\" Webcams Generic camera search \"title:camera\" Webcams with screenshots \"webcam has_screenshot:true\" D-Link webcams \"\"d-Link Internet Camera, 200 OK\"\" Hipcam \"\"Hipcam RealServer/V1.0\"\" Yawcams \"\"Server: yawcam\" \"Mime-Type: text/html\"\" webcamXP/webcam7 \"(\"webcam 7\" OR \"webcamXP\") http.component:\"mootools\" -401\" Android IP Webcam Server \"\"Server: IP Webcam Server\" \"200 OK\"\" Security DVRs \"html:\"DVR_H264 ActiveX\"\" Surveillance Cams:\n\nWith username:admin and password: :P \"NETSurveillance uc-httpd\" \"Server: uc-httpd 1.0.0\" Printers &amp;amp; Copiers: HP Printers \"\"Serial Number:\" \"Built:\" \"Server: HP HTTP\"\" Xerox Copiers/Printers \"ssl:\"Xerox Generic Root\"\" Epson Printers \"\"SERVER: EPSON_Linux UPnP\" \"200 OK\"\" \"\"Server: EPSON-HTTP\" \"200 OK\"\" Canon Printers \"\"Server: KS_HTTP\" \"200 OK\"\" \"\"Server: CANON HTTP Server\"\" Home Devices Yamaha Stereos \"\"Server: AV_Recei[...]", "creation_timestamp": "2024-03-18T14:36:35.000000Z"}</description>
      <content:encoded>{"uuid": "1054384d-9794-4a32-912f-3fa060964dc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/709", "content": "\"port:23 console gateway\" Polycom video-conference system no-auth shell \"\"polycom command shell\"\" NPort serial-to-eth / MoCA devices without password \"nport -keyin port:23\" Android Root Bridges\n\nA tangential result of Google's sloppy fractured update approach. \ud83d\ude44 More information here. \"\"Android Debug Bridge\" \"Device\" port:5555\" Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords \"Lantronix password port:30718 -secured\" Citrix Virtual Apps \"\"Citrix Applications:\" port:1604\" Cisco Smart Install\n\nVulnerable (kind of \"by design,\" but especially when exposed). \"\"smart install client active\"\" PBX IP Phone Gateways \"PBX \"gateway console\" -password port:23\" Polycom Video Conferencing \"http.title:\"- Polycom\" \"Server: lighttpd\"\" \"\"Polycom Command Shell\" -failed port:23\" Telnet Configuration: \"\"Polycom Command Shell\" -failed port:23\"\n\nExample: Polycom Video Conferencing Bomgar Help Desk Portal \"\"Server: Bomgar\" \"200 OK\"\" Intel Active Management CVE-2017-5689 \"\"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995\" \"\"Active Management Technology\"\" HP iLO 4 CVE-2017-12542 \"HP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\" !\"HP-ILO-4/2.62\" !\"HP-iLO-4/2.70\" port:1900\" Lantronix ethernet adapter's admin interface without password \"\"Press Enter for Setup Mode port:9999\"\" Wifi Passwords:\n\nHelps to find the cleartext wifi passwords in Shodan. \"html:\"def_wirelesspassword\"\" Misconfigured Wordpress Sites:\n\nThe wp-config.php if accessed can give out the database credentials. \"http.html:\"* The wp-config.php creation script uses this file\"\" Outlook Web Access: Exchange 2007 \"\"x-owa-version\" \"IE=EmulateIE7\" \"Server: Microsoft-IIS/7.0\"\" Exchange 2010 \"\"x-owa-version\" \"IE=EmulateIE7\" http.favicon.hash:442749392\" Exchange 2013 / 2016 \"\"X-AspNet-Version\" http.title:\"Outlook\" -\"x-owa-version\"\" Lync / Skype for Business \"\"X-MS-Server-Fqdn\"\" Network Attached Storage (NAS) SMB (Samba) File Shares\n\nProduces ~500,000 results...narrow down by adding \"Documents\" or \"Videos\", etc. \"\"Authentication: disabled\" port:445\" Specifically domain controllers: \"\"Authentication: disabled\" NETLOGON SYSVOL -unix port:445\" Concerning default network shares of QuickBooks files: \"\"Authentication: disabled\" \"Shared this folder to access QuickBooks files OverNetwork\" -unix port:445\" FTP Servers with Anonymous Login \"\"220\" \"230 Login successful.\" port:21\" Iomega / LenovoEMC NAS Drives \"\"Set-Cookie: iomega=\" -\"manage/login.html\" -http.title:\"Log In\"\" Buffalo TeraStation NAS Drives \"Redirecting sencha port:9000\" Logitech Media Servers \"\"Server: Logitech Media Server\" \"200 OK\"\"\n\nExample: Logitech Media Servers Plex Media Servers \"\"X-Plex-Protocol\" \"200 OK\" port:32400\" Tautulli / PlexPy Dashboards \"\"CherryPy/5.1.0\" \"/home\"\" Home router attached USB \"\"IPC$ all storage devices\"\" Webcams Generic camera search \"title:camera\" Webcams with screenshots \"webcam has_screenshot:true\" D-Link webcams \"\"d-Link Internet Camera, 200 OK\"\" Hipcam \"\"Hipcam RealServer/V1.0\"\" Yawcams \"\"Server: yawcam\" \"Mime-Type: text/html\"\" webcamXP/webcam7 \"(\"webcam 7\" OR \"webcamXP\") http.component:\"mootools\" -401\" Android IP Webcam Server \"\"Server: IP Webcam Server\" \"200 OK\"\" Security DVRs \"html:\"DVR_H264 ActiveX\"\" Surveillance Cams:\n\nWith username:admin and password: :P \"NETSurveillance uc-httpd\" \"Server: uc-httpd 1.0.0\" Printers &amp;amp; Copiers: HP Printers \"\"Serial Number:\" \"Built:\" \"Server: HP HTTP\"\" Xerox Copiers/Printers \"ssl:\"Xerox Generic Root\"\" Epson Printers \"\"SERVER: EPSON_Linux UPnP\" \"200 OK\"\" \"\"Server: EPSON-HTTP\" \"200 OK\"\" Canon Printers \"\"Server: KS_HTTP\" \"200 OK\"\" \"\"Server: CANON HTTP Server\"\" Home Devices Yamaha Stereos \"\"Server: AV_Recei[...]", "creation_timestamp": "2024-03-18T14:36:35.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/1054384d-9794-4a32-912f-3fa060964dc3/export</guid>
      <pubDate>Mon, 18 Mar 2024 14:36:35 +0000</pubDate>
    </item>
    <item>
      <title>d5bb4af0-d0ca-4063-8b37-24e760d9bf5f</title>
      <link>https://db.gcve.eu/sighting/d5bb4af0-d0ca-4063-8b37-24e760d9bf5f/export</link>
      <description>{"uuid": "d5bb4af0-d0ca-4063-8b37-24e760d9bf5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "Telegram/oeyie75zG3_SNoWDIOM3WDpmeZVlUWQtaEBffFXwL3uuPw", "content": "", "creation_timestamp": "2024-03-18T14:36:32.000000Z"}</description>
      <content:encoded>{"uuid": "d5bb4af0-d0ca-4063-8b37-24e760d9bf5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "Telegram/oeyie75zG3_SNoWDIOM3WDpmeZVlUWQtaEBffFXwL3uuPw", "content": "", "creation_timestamp": "2024-03-18T14:36:32.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/d5bb4af0-d0ca-4063-8b37-24e760d9bf5f/export</guid>
      <pubDate>Mon, 18 Mar 2024 14:36:32 +0000</pubDate>
    </item>
    <item>
      <title>351cae77-2c72-41a7-99ac-e4527da23fc6</title>
      <link>https://db.gcve.eu/sighting/351cae77-2c72-41a7-99ac-e4527da23fc6/export</link>
      <description>{"uuid": "351cae77-2c72-41a7-99ac-e4527da23fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3830", "content": "\"DICOM Server Response\" port:104 GaugeTech Electricity Meters \"Server: EIG Embedded Web Server\" \"200 Document follows\" Siemens Industrial Automation \"Siemens, SIMATIC\" port:161 Siemens HVAC Controllers \"Server: Microsoft-WinCE\" \"Content-Length: 12581\" Door / Lock Access Controllers \"HID VertX\" port:4070 Railroad Management \"log off\" \"select the appropriate\" Tesla Powerpack charging Status: Helps to find the charging status of tesla powerpack. http.title:\"Tesla PowerPack System\" http.component:\"d3\" -ga3ca4f2 XZERES Wind Turbine title:\"xzeres wind\" PIPS Automated (https://www.kitploit.com/search/label/Automated) License Plate Reader \"html:\"PIPS Technology ALPR Processors\"\" Modbus \"port:502\" Niagara Fox \"port:1911,4911 product:Niagara\" GE-SRTP \"port:18245,18246 product:\"general electric\"\" MELSEC-Q \"port:5006,5007 product:mitsubishi\" CODESYS \"port:2455 operating system\" S7 \"port:102\" BACnet \"port:47808\" HART-IP \"port:5094 hart-ip\" Omron FINS \"port:9600 response code\" IEC 60870-5-104 \"port:2404 asdu address\" DNP3 \"port:20000 source address\" EtherNet/IP \"port:44818\" PCWorx \"port:1962 PLC\" Crimson v3.0 \"port:789 product:\"Red Lion Controls\" ProConOS \"port:20547 PLC\" Remote Desktop Unprotected VNC \"authentication disabled\" port:5900,5901 \"authentication disabled\" \"RFB 003.008\" Windows RDP 99.99% are secured by a secondary Windows login screen. \"\\x03\\x00\\x00\\x0b\\x06\\xd0\\x00\\x00\\x124\\x00\" C2 Infrastructure CobaltStrike Servers product:\"cobalt strike team server\" product:\"Cobalt Strike Beacon\" ssl.cert.serial:146473198 - default certificate serial number ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1 ssl:foren.zik Brute Ratel http.html_hash:-1957161625 product:\"Brute Ratel C4\" Covenant ssl:\"Covenant\" http.component:\"Blazor\" Metasploit ssl:\"MetasploitSelfSignedCA\" Network Infrastructure Hacked routers: Routers which got compromised hacked-router-help-sos Redis open instances product:\"Redis key-value store\" Citrix: Find Citrix Gateway. title:\"citrix gateway\" Weave Scope Dashboards Command-line access inside Kubernetes (https://www.kitploit.com/search/label/Kubernetes) pods and Docker containers, and real-time visualization/monitoring of the entire infrastructure. title:\"Weave Scope\" http.favicon.hash:567176827 Jenkins CI \"X-Jenkins\" \"Set-Cookie: JSESSIONID\" http.title:\"Dashboard\" Jenkins: Jenkins Unrestricted Dashboard x-jenkins 200 Docker APIs \"Docker Containers:\" port:2375 Docker Private Registries \"Docker-Distribution-Api-Version: registry\" \"200 OK\" -gitlab Pi-hole Open DNS Servers \"dnsmasq-pi-hole\" \"Recursion: enabled\" DNS Servers with recursion \"port: 53\" Recursion: Enabled Already Logged-In as root via Telnet \"root@\" port:23 -login -password -name -Session Telnet Access: NO password required for telnet access. port:23 console gateway Polycom video-conference system no-auth shell \"polycom command shell\" NPort serial-to-eth / MoCA devices without password nport -keyin port:23 Android Root Bridges A tangential result of Google's sloppy fractured update approach. \ud83d\ude44 More information here. \"Android Debug Bridge\" \"Device\" port:5555 Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords Lantronix password port:30718 -secured Citrix Virtual Apps \"Citrix Applications:\" port:1604 Cisco Smart Install Vulnerable (kind of \"by design,\" but especially when exposed). \"smart install client active\" PBX IP Phone Gateways PBX \"gateway console\" -password port:23 Polycom Video Conferencing http.title:\"- Polycom\" \"Server: lighttpd\" \"Polycom Command Shell\" -failed port:23 Telnet Configuration: \"Polycom Command Shell\" -failed port:23 Example: Polycom Video Conferencing Bomgar Help Desk Portal \"Server: Bomgar\" \"200 OK\" Intel Active Management (https://www.kitploit.com/search/label/Management) CVE-2017-5689 \"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995 \"Active Management Technology\" HP iLO 4 CVE-2017-12542 HP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\"", "creation_timestamp": "2024-03-18T12:04:27.000000Z"}</description>
      <content:encoded>{"uuid": "351cae77-2c72-41a7-99ac-e4527da23fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-12542", "type": "seen", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3830", "content": "\"DICOM Server Response\" port:104 GaugeTech Electricity Meters \"Server: EIG Embedded Web Server\" \"200 Document follows\" Siemens Industrial Automation \"Siemens, SIMATIC\" port:161 Siemens HVAC Controllers \"Server: Microsoft-WinCE\" \"Content-Length: 12581\" Door / Lock Access Controllers \"HID VertX\" port:4070 Railroad Management \"log off\" \"select the appropriate\" Tesla Powerpack charging Status: Helps to find the charging status of tesla powerpack. http.title:\"Tesla PowerPack System\" http.component:\"d3\" -ga3ca4f2 XZERES Wind Turbine title:\"xzeres wind\" PIPS Automated (https://www.kitploit.com/search/label/Automated) License Plate Reader \"html:\"PIPS Technology ALPR Processors\"\" Modbus \"port:502\" Niagara Fox \"port:1911,4911 product:Niagara\" GE-SRTP \"port:18245,18246 product:\"general electric\"\" MELSEC-Q \"port:5006,5007 product:mitsubishi\" CODESYS \"port:2455 operating system\" S7 \"port:102\" BACnet \"port:47808\" HART-IP \"port:5094 hart-ip\" Omron FINS \"port:9600 response code\" IEC 60870-5-104 \"port:2404 asdu address\" DNP3 \"port:20000 source address\" EtherNet/IP \"port:44818\" PCWorx \"port:1962 PLC\" Crimson v3.0 \"port:789 product:\"Red Lion Controls\" ProConOS \"port:20547 PLC\" Remote Desktop Unprotected VNC \"authentication disabled\" port:5900,5901 \"authentication disabled\" \"RFB 003.008\" Windows RDP 99.99% are secured by a secondary Windows login screen. \"\\x03\\x00\\x00\\x0b\\x06\\xd0\\x00\\x00\\x124\\x00\" C2 Infrastructure CobaltStrike Servers product:\"cobalt strike team server\" product:\"Cobalt Strike Beacon\" ssl.cert.serial:146473198 - default certificate serial number ssl.jarm:07d14d16d21d21d07c42d41d00041d24a458a375eef0c576d23a7bab9a9fb1 ssl:foren.zik Brute Ratel http.html_hash:-1957161625 product:\"Brute Ratel C4\" Covenant ssl:\"Covenant\" http.component:\"Blazor\" Metasploit ssl:\"MetasploitSelfSignedCA\" Network Infrastructure Hacked routers: Routers which got compromised hacked-router-help-sos Redis open instances product:\"Redis key-value store\" Citrix: Find Citrix Gateway. title:\"citrix gateway\" Weave Scope Dashboards Command-line access inside Kubernetes (https://www.kitploit.com/search/label/Kubernetes) pods and Docker containers, and real-time visualization/monitoring of the entire infrastructure. title:\"Weave Scope\" http.favicon.hash:567176827 Jenkins CI \"X-Jenkins\" \"Set-Cookie: JSESSIONID\" http.title:\"Dashboard\" Jenkins: Jenkins Unrestricted Dashboard x-jenkins 200 Docker APIs \"Docker Containers:\" port:2375 Docker Private Registries \"Docker-Distribution-Api-Version: registry\" \"200 OK\" -gitlab Pi-hole Open DNS Servers \"dnsmasq-pi-hole\" \"Recursion: enabled\" DNS Servers with recursion \"port: 53\" Recursion: Enabled Already Logged-In as root via Telnet \"root@\" port:23 -login -password -name -Session Telnet Access: NO password required for telnet access. port:23 console gateway Polycom video-conference system no-auth shell \"polycom command shell\" NPort serial-to-eth / MoCA devices without password nport -keyin port:23 Android Root Bridges A tangential result of Google's sloppy fractured update approach. \ud83d\ude44 More information here. \"Android Debug Bridge\" \"Device\" port:5555 Lantronix Serial-to-Ethernet Adapter Leaking Telnet Passwords Lantronix password port:30718 -secured Citrix Virtual Apps \"Citrix Applications:\" port:1604 Cisco Smart Install Vulnerable (kind of \"by design,\" but especially when exposed). \"smart install client active\" PBX IP Phone Gateways PBX \"gateway console\" -password port:23 Polycom Video Conferencing http.title:\"- Polycom\" \"Server: lighttpd\" \"Polycom Command Shell\" -failed port:23 Telnet Configuration: \"Polycom Command Shell\" -failed port:23 Example: Polycom Video Conferencing Bomgar Help Desk Portal \"Server: Bomgar\" \"200 OK\" Intel Active Management (https://www.kitploit.com/search/label/Management) CVE-2017-5689 \"Intel(R) Active Management Technology\" port:623,664,16992,16993,16994,16995 \"Active Management Technology\" HP iLO 4 CVE-2017-12542 HP-ILO-4 !\"HP-ILO-4/2.53\" !\"HP-ILO-4/2.54\" !\"HP-ILO-4/2.55\" !\"HP-ILO-4/2.60\" !\"HP-ILO-4/2.61\"", "creation_timestamp": "2024-03-18T12:04:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/351cae77-2c72-41a7-99ac-e4527da23fc6/export</guid>
      <pubDate>Mon, 18 Mar 2024 12:04:27 +0000</pubDate>
    </item>
  </channel>
</rss>
