Shodan

114.113.63.108

Regular View Raw Data
Last Seen: 2024-09-14

GeneralInformation

Country China
City Beijing
Organization CNISP-Union Technology (Beijing) Co., Ltd
ISP China Unicom Beijing Province Network
ASN AS4808

WebTechnologies

JavaScript libraries
jQuery1.7.2
Web frameworks
Microsoft ASP.NET

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts 

-1314237642 | 2024-09-11T07:51:15.987052
161 / udp 
-2034983504 | 2024-08-25T02:27:26.238388
1701 / udp 
-1538260461 | 2024-09-14T11:23:44.914355
2000 / tcp 
-2057919903 | 2024-09-05T07:00:20.029598
8086 / tcp



Products
Pricing
Contact Us

Shodan ® - All rights reserved

\", which results in the enclosed script logic to be executed.","verified":false},"CVE-2019-11358":{"cvss":4.3,"ports":[8086],"summary":"jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.","verified":false},"CVE-2015-9251":{"cvss":4.3,"ports":[8086],"summary":"jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.","verified":false},"CVE-2012-6708":{"cvss":4.3,"ports":[8086],"summary":"jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '<' character anywhere in the string, giving attackers more flexibility when attempting to construct a malicious payload. In fixed versions, jQuery only deems the input to be HTML if it explicitly starts with the '<' character, limiting exploitability only to attackers who can control the beginning of a string, which is far less common.","verified":false},"CVE-2010-3972":{"cvss":10.0,"ports":[8086],"summary":"Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka \"IIS FTP Service Heap Buffer Overrun Vulnerability.\" NOTE: some of these details are obtained from third party information.","verified":false},"CVE-2010-2730":{"cvss":9.3,"ports":[8086],"summary":"Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allows remote attackers to execute arbitrary code via crafted headers in a request, aka \"Request Header Buffer Overflow Vulnerability.\"","verified":false},"CVE-2010-1899":{"cvss":4.3,"ports":[8086],"summary":"Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services (IIS) 5.1, 6.0, 7.0, and 7.5 allows remote attackers to cause a denial of service (daemon outage) via a crafted request, related to asp.dll, aka \"IIS Repeated Parameter Request Denial of Service Vulnerability.\"","verified":false}}; setupBannerCve(); setupVulns(VULNS); })();