GeneralInformation

Hostnames	caedns.it
Domains	caedns.it
Country	Italy
City	La Spezia
Organization	Telecom Italia Mobile
ISP	Telecom Italia S.p.A.
ASN	AS16232

WebTechnologies

JavaScript libraries

jQuery3.4.1

UI frameworks

Bootstrap

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2022(1)

CVE-2022-22707

5.9In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.

2020(2)

CVE-2020-11023

6.9In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

CVE-2020-11022

6.9In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

2019(1)

CVE-2019-11072

9.8lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.

2018(1)

CVE-2018-19052

7.5An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.

OpenPorts

80 443

80 / tcp

0 | 2025-04-15T10:19:11.488660

Hashes

hash

1130038105

http.dom_hash

http.html_hash

http.server_hash

175063468

HTTP/1.1 301 Moved Permanently
Location: https://2.193.231.220/
Content-Length: 0
Date: Tue, 15 Apr 2025 10:19:10 GMT
Server: lighttpd/1.4.49

Vulnerabilities

1 1 1

443 / tcp

-897113873 | 2025-04-15T11:03:08.775744

Hashes

hash

-173170745

http.dom_hash

-1600706095

http.favicon.hash

485681953

http.html_hash

-897113873

http.server_hash

175063468

http.title_hash

601739257

Compact

HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Type: text/html
Accept-Ranges: bytes
ETag: "1655752067"
Last-Modified: Fri, 04 Sep 2020 13:02:32 GMT
Content-Length: 2686
Date: Tue, 15 Apr 2025 11:03:07 GMT
Server: lighttpd/1.4.49

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            05:82:fd:5c:12:b2:64:bd:2a:a8:8f:ec:c1:16:56:74
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=DigiCert Inc, OU=www.digicert.com, CN=Thawte TLS RSA CA G1
        Validity
            Not Before: Jan 10 00:00:00 2024 GMT
            Not After : Jan 22 23:59:59 2025 GMT
        Subject: C=IT, ST=Emilia-Romagna, L=San Lazzaro di Savena, O=CAE SPA, CN=*.caedns.it
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:ac:5c:aa:bc:af:ba:d8:45:93:a3:50:a2:99:7a:
                    61:30:ab:13:54:ee:2a:79:57:f0:5b:f6:dd:80:f1:
                    d4:39:2d:54:7a:55:73:58:b7:e1:7d:5f:dc:a7:ca:
                    b2:80:94:e0:93:60:38:f3:5e:f8:ce:c6:5c:c1:75:
                    65:0a:56:dc:49:2e:44:6f:d6:49:cd:09:8c:43:69:
                    b7:0f:7a:5d:bf:a1:6c:f8:22:68:8a:41:2e:06:00:
                    b3:cc:a7:f6:01:28:aa:a6:40:6e:9c:36:1d:a2:84:
                    30:f8:ff:06:2d:bc:2a:3c:32:3d:b1:6c:02:51:ac:
                    3f:eb:96:7d:31:f0:d2:09:88:12:63:e1:d3:aa:20:
                    9a:f4:9d:a7:37:e5:cd:f6:04:19:2d:e6:b2:cc:67:
                    0b:74:da:58:26:64:b6:86:7a:5d:49:f5:8a:e5:d3:
                    fe:fc:d6:ed:6f:ff:07:dd:f8:d7:86:6c:af:bd:61:
                    c1:3f:a5:c4:c0:e9:ae:50:71:65:a9:81:d1:52:da:
                    9c:2d:9e:95:a9:d2:f2:79:9d:d8:48:9e:61:d4:de:
                    0f:a1:5d:69:6c:3d:f3:4f:8c:61:d2:a8:9c:38:a0:
                    1e:81:11:78:84:c3:e0:db:4e:98:6a:be:6c:29:0d:
                    ed:1f:e5:4d:84:c8:b3:e6:c6:86:5e:1d:77:b0:2d:
                    a1:5f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Authority Key Identifier: 
                A5:8C:FE:32:CC:EB:0F:2C:D4:19:C6:08:B8:00:24:88:5D:C3:C5:B7
            X509v3 Subject Key Identifier: 
                6E:C3:C9:8C:20:5E:6B:87:02:65:DA:FA:89:7A:17:23:99:F5:99:C6
            X509v3 Subject Alternative Name: 
                DNS:*.caedns.it, DNS:caedns.it
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.2
                  CPS: http://www.digicert.com/CPS
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://cdp.thawte.com/ThawteTLSRSACAG1.crl
            Authority Information Access: 
                OCSP - URI:http://status.thawte.com
                CA Issuers - URI:http://cacerts.thawte.com/ThawteTLSRSACAG1.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 4E:75:A3:27:5C:9A:10:C3:38:5B:6C:D4:DF:3F:52:EB:
                                1D:F0:E0:8E:1B:8D:69:C0:B1:FA:64:B1:62:9A:39:DF
                    Timestamp : Jan 10 13:14:25.770 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:BE:A3:E6:00:B2:8C:5A:77:37:16:A1:
                                E1:61:51:AF:F6:C8:CF:52:D1:2D:42:FF:C4:6B:40:FA:
                                1A:04:41:07:29:02:21:00:C9:55:BC:AF:53:5A:08:A2:
                                1A:58:7D:86:48:18:16:49:08:A1:1A:DA:30:F5:55:42:
                                E3:7D:05:54:CB:AE:CD:2A
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 7D:59:1E:12:E1:78:2A:7B:1C:61:67:7C:5E:FD:F8:D0:
                                87:5C:14:A0:4E:95:9E:B9:03:2F:D9:0E:8C:2E:79:B8
                    Timestamp : Jan 10 13:14:25.735 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:46:02:21:00:9A:D9:6B:AA:F5:93:1E:C9:AF:B2:D4:
                                7B:CF:6E:BD:FA:D9:B5:F8:8B:93:8E:9F:03:BA:7B:F2:
                                7E:7D:30:CD:AE:02:21:00:FA:EA:91:6B:66:1A:C8:2E:
                                D7:47:B7:B0:F7:90:EE:71:83:68:3E:83:F9:80:B0:E2:
                                19:64:72:94:E2:36:2D:7C
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E6:D2:31:63:40:77:8C:C1:10:41:06:D7:71:B9:CE:C1:
                                D2:40:F6:96:84:86:FB:BA:87:32:1D:FD:1E:37:8E:50
                    Timestamp : Jan 10 13:14:25.774 2024 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:44:02:20:6E:11:0D:EA:B7:8B:F0:8E:75:64:8C:FD:
                                5C:E6:8C:45:94:1C:B9:C9:F7:72:8E:C1:A0:98:1D:09:
                                00:EB:9A:9F:02:20:1D:25:D5:13:48:0C:6F:53:14:A5:
                                12:B4:39:F4:C9:FD:59:94:18:F4:8D:C6:3B:48:19:4E:
                                33:F0:F9:9E:8B:D2
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        3d:40:24:a5:5a:1a:52:98:6b:80:66:da:a9:0a:ce:49:ff:b3:
        90:04:c3:73:a4:b8:8f:41:43:a2:49:7d:0c:03:61:a3:fa:a5:
        6f:b3:a4:5d:97:25:78:ee:07:9a:70:f6:53:68:32:c9:62:1a:
        86:90:99:f3:b9:39:1a:e7:bc:30:ed:fe:0a:cb:62:a1:e4:09:
        b5:0d:94:1d:e7:8c:58:68:c6:60:63:47:ff:36:f2:7b:d2:7a:
        0c:76:41:b6:72:fb:a2:59:11:a7:be:d4:ea:5f:93:32:d3:92:
        4f:fd:9a:fa:e2:8d:05:d7:68:b4:70:6c:bf:aa:7f:69:0b:a0:
        87:43:ec:e3:25:40:3e:a0:39:2b:54:f1:b0:e7:79:21:ba:cb:
        02:6b:ad:76:98:9d:9e:bc:f6:dd:cb:c7:54:cc:9c:e9:21:04:
        02:72:27:90:4b:2a:e9:da:93:f4:43:31:ad:3f:bd:f6:a6:f1:
        d1:bb:11:83:7c:c8:62:88:c2:e2:97:8f:72:42:e9:d4:0f:8d:
        9e:95:8e:1f:2d:e1:38:fe:50:a2:d9:28:ac:b9:53:0b:86:c5:
        97:82:b2:62:32:64:b1:14:92:d3:be:4c:7b:2f:b1:ee:c8:eb:
        44:45:0f:08:b2:4b:68:f4:6f:af:f5:91:f0:d2:67:f7:cc:39:
        3f:22:cf:dd

Vulnerabilities

1 1 3

2.193.231.220

Last Seen: 2025-04-15

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

80 / tcp

0 | 2025-04-15T10:19:11.488660

Hashes

lighttpd1.4.49

443 / tcp

-897113873 | 2025-04-15T11:03:08.775744

Hashes

lighttpd1.4.49

Products

Pricing

Contact Us

2.193.231.220

Last Seen: 2025-04-15

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 80 Port 443 Latest CVSS

OpenPorts

80 / tcp 0 | 2025-04-15T10:19:11.488660

Hashes

lighttpd1.4.49

443 / tcp -897113873 | 2025-04-15T11:03:08.775744

Hashes

lighttpd1.4.49

Products

Pricing

Contact Us

Vulnerabilities

80 / tcp

0 | 2025-04-15T10:19:11.488660

443 / tcp

-897113873 | 2025-04-15T11:03:08.775744