GeneralInformation

Hostnames	sotek.mycloudnas.com sotek.myqnapcloud.com 212.156.39.250.static.turktelekom.com.tr
Domains	mycloudnas.com myqnapcloud.com turktelekom.com.tr
Country	Turkey
City	Istanbul
Organization	Turk Telekom TTnet national backbone
ISP	Turk Telekomunikasyon Anonim Sirketi
ASN	AS9121
Operating System	QTS

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

OpenPorts

21 53 137 443 445 873 8080 10000 49152

21 / tcp

-1697808499 | 2025-01-15T08:03:25.887353

220 NASFTPD Turbo station 1.3.6 Server (ProFTPD) [::ffff:192.168.1.216]
530 Login incorrect.
214-The following commands are recognized (* =>'s unimplemented):
 CWD     XCWD    CDUP    XCUP    SMNT*   QUIT    PORT    PASV    
 EPRT    EPSV    ALLO*   RNFR    RNTO    DELE    MDTM    RMD     
 XRMD    MKD     XMKD    PWD     XPWD    SIZE    SYST    HELP    
 NOOP    FEAT    OPTS    HOST    CLNT    AUTH*   CCC*    CONF*   
 ENC*    MIC*    PBSZ*   PROT*   TYPE    STRU    MODE    RETR    
 STOR    STOU    APPE    REST    ABOR    USER    PASS    ACCT*   
 REIN*   LIST    NLST    STAT    SITE    MLSD    MLST    
214 Direct comments to root@192.168.1.216
211-Features:
 CLNT
 EPRT
 EPSV
 HOST
 LANG en-US*
 MDTM
 MFF modify;UNIX.group;UNIX.mode;
 MFMT
 MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
 REST STREAM
 SIZE
 TVFS
 UTF8
211 End

137 / udp

1560936646 | 2025-01-10T22:58:24.560536

NetBIOS Response:
  Server Name: LINKSYS10120
  MAC Address: 00:00:00:00:00:00
  Names:
    LINKSYS10120 <0x0>
    LINKSYS10120 <0x3>
    LINKSYS10120 <0x20>
    \x01\x02__MSBROWSE__\x02 <0x1>
    WORKGROUP <0x1d>
    WORKGROUP <0x1e>
    WORKGROUP <0x0>
  Additional Interfaces:
    192.168.1.1

443 / tcp

-558771039 | 2025-01-23T09:15:47.660729

Hashes

hash

777443480

http.dom_hash

1844292774

http.html_hash

-558771039

http.robots_hash

1205449819

http.server_hash

HTTP/1.1 200 OK
Date: Thu, 23 Jan 2025 09:15:45 GMT
Server:  
Strict-Transport-Security: max-age=0
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
Content-type: text/html; charset=UTF-8
Last-modified: Wed, 13 Nov 2024 19:34:02 GMT
Accept-Ranges: bytes
Content-length: 580
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff


QNAP:
  Hostname: SOTEK

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            03:29:0d:6e:e6:2d:88:7c:8c:26:a8:f5:bf:c2:62:4b:75:e1
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R11
        Validity
            Not Before: Jan 10 09:10:07 2025 GMT
            Not After : Apr 10 09:10:06 2025 GMT
        Subject: CN=sotek.myqnapcloud.com
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:b9:20:34:75:fc:9e:5f:7a:ca:30:68:80:9e:5b:
                    70:74:d3:d4:23:ee:d7:85:fd:b5:0c:13:d7:c2:94:
                    f9:f0:9c:83:c5:d1:a4:45:f1:eb:84:e6:7e:d9:76:
                    73:9e:2e:09:19:1a:57:a3:d1:ff:dc:73:21:6b:11:
                    81:d1:db:5e:0b:f5:4b:9c:f3:35:8a:81:1b:70:43:
                    af:83:30:5b:45:c6:98:22:a6:8d:15:0f:3d:8a:1e:
                    31:c5:d9:2e:85:4d:69:d3:41:7c:0f:1c:01:67:9f:
                    a6:44:d6:ad:98:17:31:15:7a:0e:ae:10:27:48:9b:
                    57:43:01:e3:35:85:36:df:26:03:89:09:57:bd:7d:
                    1b:a8:73:85:91:ee:1d:f6:48:7b:ac:3d:6b:24:18:
                    05:64:65:31:18:4d:0d:96:f7:38:81:50:72:2a:ff:
                    dc:a3:49:c3:89:f9:ee:58:0b:c2:a5:a5:b6:77:a3:
                    0b:52:4e:7b:a8:d4:fe:eb:bd:07:57:6f:b4:b7:68:
                    b7:58:ab:4a:c4:8a:59:8d:53:ac:df:5e:1d:38:d8:
                    fe:5b:4a:66:fb:00:e8:1e:40:45:5f:90:3a:51:64:
                    2c:74:1e:15:46:10:c0:ca:5a:66:18:09:ea:3b:e1:
                    8d:38:1f:b8:10:83:d3:e1:ea:0b:0e:37:89:23:46:
                    09:99
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                FE:05:81:94:7F:6A:E0:EC:6B:C6:18:63:77:C4:16:71:39:87:B4:68
            X509v3 Authority Key Identifier: 
                C5:CF:46:A4:EA:F4:C3:C0:7A:6C:95:C4:2D:B0:5E:92:2F:26:E3:B9
            Authority Information Access: 
                OCSP - URI:http://r11.o.lencr.org
                CA Issuers - URI:http://r11.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:sotek.mycloudnas.com, DNS:sotek.myqnapcloud.com
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : A2:E3:0A:E4:45:EF:BD:AD:9B:7E:38:ED:47:67:77:53:
                                D7:82:5B:84:94:D7:2B:5E:1B:2C:C4:B9:50:A4:47:E7
                    Timestamp : Jan 10 10:08:37.533 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:D0:9D:50:46:37:B1:A3:E8:5A:77:32:
                                CD:09:58:4B:5A:D2:84:E7:4A:48:57:2D:BD:9E:49:4E:
                                8A:AF:AF:BB:7D:02:20:32:21:8E:CD:D2:30:F4:9D:A0:
                                26:94:9C:AE:00:A1:AA:59:94:52:21:7F:8A:D9:F8:13:
                                A4:E4:7E:7E:C9:33:88
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : 13:4A:DF:1A:B5:98:42:09:78:0C:6F:EF:4C:7A:91:A4:
                                16:B7:23:49:CE:58:57:6A:DF:AE:DA:A7:C2:AB:E0:22
                    Timestamp : Jan 10 10:08:37.748 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:21:00:9F:25:C5:B0:99:21:46:BD:0E:3E:9F:
                                E0:33:44:D4:A0:82:6F:3D:A7:2D:A3:26:BC:7A:33:AD:
                                F3:4B:9E:79:C6:02:20:58:80:B6:9F:EF:DE:AD:88:0C:
                                39:EC:8F:67:54:DC:C0:4E:25:70:DE:C2:19:87:DC:37:
                                41:CA:FE:8B:6F:7B:F5
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        a4:f7:16:21:dd:bc:1b:bc:8e:04:5b:60:a7:fb:77:e4:78:ed:
        f5:8b:d8:3c:01:a5:07:84:c0:27:28:84:f0:ad:10:cd:fa:c3:
        1e:ef:50:1a:57:8a:52:6a:07:4a:f2:5c:df:56:71:c1:d6:d2:
        ed:ba:f0:dd:16:ad:c5:ff:d2:7e:55:df:02:a3:70:8a:cc:a4:
        f2:c8:4f:05:c5:56:84:6d:4b:92:bb:bb:b2:d0:d4:c9:1c:e6:
        5c:24:24:00:e3:41:4f:ad:d8:97:7c:ff:cd:42:55:2f:fd:11:
        47:fe:bd:de:50:9c:46:3d:a2:3d:76:bd:f5:51:62:cc:52:7c:
        36:43:cc:89:3e:7c:16:a1:78:15:7b:e6:fe:59:71:e1:a8:8b:
        c0:74:9b:21:ee:7f:82:e0:74:5e:7b:f1:0d:8b:e0:49:7d:96:
        98:bd:14:f7:94:e7:da:c8:4a:ca:ba:d4:10:e7:69:78:a8:65:
        49:21:7b:93:4d:68:d5:b3:05:95:5f:5e:6b:47:e7:9d:d5:8d:
        61:42:62:18:e5:84:2e:80:75:36:e5:79:70:af:94:fa:07:f5:
        a2:26:a3:ca:09:23:6f:c9:cc:14:15:56:35:c1:38:23:92:e0:
        79:79:29:f6:48:85:11:84:a8:fb:35:b9:98:f8:1f:20:be:5b:
        16:64:60:6f

445 / tcp

-366726685 | 2025-01-14T21:13:05.992963

SMB Status:
  Authentication: disabled
  SMB Version: 1
  Capabilities: dfs, infolevel-passthru, large-files, large-readx, large-writex, level2-oplocks, lock-and-read, nt-find, nt-smb, nt-status, raw-mode, rpc-remote-api, unicode, unix

Shares
Name                 Type       Comments
------------------------------------------------------------------------
IPC$                 IPC        IPC Service (Samba 3.0.28a)

873 / tcp

-174477706 | 2025-01-20T05:30:45.722844

@RSYNCD: 31.0 md5 md4\n@RSYNCD: AUTHREQD ZuFHRhR2cKHjtSk+mSoQqQ

8080 / tcp

-558771039 | 2024-12-25T04:56:06.419750

Hashes

hash

-1408697368

http.dom_hash

1844292774

http.html_hash

-558771039

http.server_hash

HTTP/1.1 200 OK
Date: Wed, 25 Dec 2024 04:56:05 GMT
Server:  
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; worker-src 'self' blob:
Content-type: text/html; charset=UTF-8
Last-modified: Wed, 13 Nov 2024 19:34:02 GMT
Accept-Ranges: bytes
Content-length: 580
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff


QNAP:
  Hostname: SOTEK

10000 / tcp

1616951146 | 2025-01-19T08:26:10.936745

HTTP/1.1 403 Forbidden
Content-Type: text/html
Content-Length: 345
CONTENT-LANGUAGE: en
Date: Sun, 19 Jan 2025 08:26:10 GMT
Server: lighttpd/1.4.39

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>403 - Forbidden</title>
 </head>
 <body>
  <h1>403 - Forbidden</h1>
 </body>
</html>

CVE-2019-11072 CVE-2018-19052

49152 / tcp

1379636754 | 2025-01-18T17:48:12.655533

Hashes

hash

652214432

http.dom_hash

-1273619370

http.html_hash

1379636754

http.server_hash

-1848144470

HTTP/1.1 404 Not Found
SERVER: Linux/2.6.36.4, UPnP/1.0, Portable SDK for UPnP devices/1.6.19
CONNECTION: close
CONTENT-LENGTH: 48
CONTENT-TYPE: text/html

212.156.39.250

Last Seen: 2025-01-23

GeneralInformation

Vulnerabilities

OpenPorts

21 / tcp

-1697808499 | 2025-01-15T08:03:25.887353

137 / udp

1560936646 | 2025-01-10T22:58:24.560536

443 / tcp

-558771039 | 2025-01-23T09:15:47.660729

Hashes

QNAP

445 / tcp

-366726685 | 2025-01-14T21:13:05.992963

873 / tcp

-174477706 | 2025-01-20T05:30:45.722844

rsyncd31.0 md5 md4

8080 / tcp

-558771039 | 2024-12-25T04:56:06.419750

Hashes

QNAP

10000 / tcp

1616951146 | 2025-01-19T08:26:10.936745

lighttpd1.4.39

49152 / tcp

1379636754 | 2025-01-18T17:48:12.655533

Hashes

Products

Pricing

Contact Us

212.156.39.250

Last Seen: 2025-01-23

GeneralInformation

Vulnerabilities All ports Port 10000 Latest CVSS

OpenPorts

21 / tcp -1697808499 | 2025-01-15T08:03:25.887353

137 / udp 1560936646 | 2025-01-10T22:58:24.560536

443 / tcp -558771039 | 2025-01-23T09:15:47.660729

Hashes

QNAP

445 / tcp -366726685 | 2025-01-14T21:13:05.992963

873 / tcp -174477706 | 2025-01-20T05:30:45.722844

rsyncd31.0 md5 md4

8080 / tcp -558771039 | 2024-12-25T04:56:06.419750

Hashes

QNAP

10000 / tcp 1616951146 | 2025-01-19T08:26:10.936745

lighttpd1.4.39

49152 / tcp 1379636754 | 2025-01-18T17:48:12.655533

Hashes

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

-1697808499 | 2025-01-15T08:03:25.887353

137 / udp

1560936646 | 2025-01-10T22:58:24.560536

443 / tcp

-558771039 | 2025-01-23T09:15:47.660729

445 / tcp

-366726685 | 2025-01-14T21:13:05.992963

873 / tcp

-174477706 | 2025-01-20T05:30:45.722844

8080 / tcp

-558771039 | 2024-12-25T04:56:06.419750

10000 / tcp

1616951146 | 2025-01-19T08:26:10.936745

49152 / tcp

1379636754 | 2025-01-18T17:48:12.655533