GeneralInformation

Cloud Provider	DigitalOcean
Cloud Region	de-he
Country	Germany
City	Frankfurt am Main
Organization	DigitalOcean, LLC
ISP	DigitalOcean, LLC
ASN	AS14061

WebTechnologies

Database managers

Adminer4.8.1

JavaScript libraries

C3.js

Programming languages

Python

PHP

Web servers

Uvicorn

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2024(2)

CVE-2024-25117

6.8php-svg-lib is a scalable vector graphics (SVG) file parsing/rendering library. Prior to version 0.5.2, php-svg-lib fails to validate that font-family doesn't contain a PHAR url, which might leads to RCE on PHP < 8.0, and doesn't validate if external references are allowed. This might leads to bypass of restrictions or RCE on projects that are using it, if they do not strictly revalidate the fontName that is passed by php-svg-lib. The `Style::fromAttributes(`), or the `Style::parseCssStyle()` should check the content of the `font-family` and prevents it to use a PHAR url, to avoid passing an invalid and dangerous `fontName` value to other libraries. The same check as done in the `Style::fromStyleSheets` might be reused. Libraries using this library as a dependency might be vulnerable to some bypass of restrictions, or even remote code execution, if they do not double check the value of the `fontName` that is passed by php-svg-lib. Version 0.5.2 contains a fix for this issue.

CVE-2024-5458

5.3In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when validating URLs (FILTER_VALIDATE_URL) for certain types of URLs the function will result in invalid user information (username + password part of URLs) being treated as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly.

2022(1)

CVE-2022-4900

6.2A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.

2013(1)

CVE-2013-2220

7.5Buffer overflow in the radius_get_vendor_attr function in the Radius extension before 1.2.7 for PHP allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large Vendor Specific Attributes (VSA) length value.

2007(1)

CVE-2007-3205

5.0The parse_str function in (1) PHP, (2) Hardened-PHP, and (3) Suhosin, when called without a second parameter, might allow remote attackers to overwrite arbitrary variables by specifying variable names and values in the string to be parsed. NOTE: it is not clear whether this is a design limitation of the function or a bug in PHP, although it is likely to be regarded as a bug in Hardened-PHP and Suhosin.

OpenPorts

22 80 443 3000 8000 8080

22 / tcp

-767698887 | 2025-04-03T19:57:03.204027

SSH-2.0-OpenSSH_9.7p1 Ubuntu-7ubuntu4.2
Key type: ecdsa-sha2-nistp256
Key: AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBIpJbbQjhXWfr/YCOGQqB1PM
7vjJM2/Qqs/NVeJR5rDK69IiqadrUuE0MNeBE7iYoJMsvU7gjfkfQlvQH6Dy3+g=
Fingerprint: 44:d4:3d:d7:e5:e2:2d:62:02:d7:01:a7:c6:21:0a:03

Kex Algorithms:
	sntrup761x25519-sha512@openssh.com
	curve25519-sha256
	curve25519-sha256@libssh.org
	ecdh-sha2-nistp256
	ecdh-sha2-nistp384
	ecdh-sha2-nistp521
	diffie-hellman-group-exchange-sha256
	diffie-hellman-group16-sha512
	diffie-hellman-group18-sha512
	diffie-hellman-group14-sha256
	ext-info-s
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	rsa-sha2-512
	rsa-sha2-256
	ecdsa-sha2-nistp256
	ssh-ed25519

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes128-ctr
	aes192-ctr
	aes256-ctr
	aes128-gcm@openssh.com
	aes256-gcm@openssh.com

MAC Algorithms:
	umac-64-etm@openssh.com
	umac-128-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512-etm@openssh.com
	hmac-sha1-etm@openssh.com
	umac-64@openssh.com
	umac-128@openssh.com
	hmac-sha2-256
	hmac-sha2-512
	hmac-sha1

Compression Algorithms:
	none
	zlib@openssh.com

80 / tcp

731197476 | 2025-04-08T12:03:30.841354

Hashes

hash

869050696

http.dom_hash

-2006505642

http.html_hash

731197476

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Tue, 08 Apr 2025 12:03:30 GMT
Content-Length: 19

443 / tcp

731197476 | 2025-03-29T01:01:34.609717

Hashes

hash

-1105189784

http.dom_hash

-2006505642

http.html_hash

731197476

HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
X-Content-Type-Options: nosniff
Date: Sat, 29 Mar 2025 01:01:34 GMT
Content-Length: 19

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            b5:52:7f:f1:46:53:8b:57:ba:72:1e:98:56:7c:91:35
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=TRAEFIK DEFAULT CERT
        Validity
            Not Before: Mar 28 15:02:15 2025 GMT
            Not After : Mar 28 15:02:15 2026 GMT
        Subject: CN=TRAEFIK DEFAULT CERT
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:c9:e2:1d:c2:57:5c:76:59:ef:1f:4a:b9:7e:18:
                    89:7b:08:12:b5:54:22:87:1d:cb:fa:b3:d9:48:01:
                    9a:35:b3:fd:6b:d1:21:b4:d1:c4:1b:e7:50:57:2d:
                    0a:b4:16:aa:a1:42:f5:13:6c:78:c1:12:ee:a2:02:
                    0d:65:86:11:a9:7c:36:6e:1a:6f:28:9a:a3:93:d6:
                    8e:7b:f6:2c:f6:b7:84:3f:36:5d:cf:f8:12:c9:30:
                    68:e2:6b:4a:94:c5:f6:ca:33:8d:04:2d:f5:f9:78:
                    e7:d9:26:30:5a:88:e1:8b:39:d5:3a:24:f8:5e:21:
                    4c:e6:9e:1d:ee:d0:55:6a:25:f5:aa:72:66:4d:af:
                    02:a0:a9:ad:9b:28:90:bd:86:32:ed:b4:71:46:98:
                    4d:84:97:54:73:f1:ac:2c:ae:8b:37:8a:6e:e5:2d:
                    e4:7d:5b:d3:33:6b:5c:be:de:68:10:be:11:18:a5:
                    dc:5f:23:75:2c:d3:d5:39:25:d4:78:b1:7b:2a:c8:
                    7f:ed:d9:bf:a8:b1:58:44:10:b9:a6:c0:37:cb:30:
                    16:67:20:fd:16:f9:3d:f5:cd:4b:04:59:4a:b5:bf:
                    b5:7a:8d:83:f5:17:84:16:1d:70:09:23:9c:8e:b1:
                    ab:2f:f1:31:87:db:7e:0c:64:e1:0c:d9:d1:5c:79:
                    86:c1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment, Data Encipherment, Key Agreement
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Alternative Name: 
                DNS:4d3bc5b142db3ca6441b6751bfa670d4.c16a8a3c886801a44aa800b4db5ebd8d.traefik.default
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        43:be:c8:2e:bf:9e:9a:ab:81:2c:2b:35:72:b0:5c:9d:ea:94:
        0d:b2:4c:a0:85:12:4c:98:ae:6b:92:cc:14:07:bd:28:e7:af:
        a5:34:5d:ac:a6:2d:9e:f6:1c:f1:94:15:e2:0e:93:a2:32:d0:
        62:41:db:24:a0:9f:eb:1c:92:44:f4:4d:8a:61:25:0f:40:85:
        48:9b:58:11:d1:96:f8:bd:22:5f:8b:a3:3f:4c:78:a2:fb:45:
        50:36:6a:ea:c8:ff:bb:c2:c4:62:47:a9:4b:8e:fe:bd:3b:23:
        da:8a:93:a1:f3:d6:e8:8e:35:ca:8e:64:47:df:03:49:a6:28:
        53:58:53:7d:e8:0f:16:f8:9d:cd:4a:83:89:1f:b4:e3:f3:99:
        b0:61:da:94:5e:eb:a1:7b:30:32:85:85:f0:28:e0:6d:85:03:
        3f:98:25:db:6e:45:5f:b8:88:dd:4e:b7:22:74:ca:12:e4:18:
        3d:d3:66:7c:a9:8d:c0:48:32:3a:5f:81:ed:16:b2:50:c3:97:
        8e:03:ab:fe:05:26:d1:dd:2c:65:e6:9f:00:69:04:ad:f4:96:
        60:82:da:b2:86:a5:c2:cd:da:8e:db:08:e3:7e:b4:46:61:bb:
        a5:c0:0e:ce:12:bc:eb:1f:37:36:af:bc:86:6f:3a:c1:47:3b:
        b6:92:a3:0f

3000 / tcp

521079785 | 2025-03-23T01:57:45.182170

Hashes

hash

-569641639

http.dom_hash

792218926

http.html_hash

521079785

http.title_hash

-721816684

Eventily

HTTP/1.1 200 OK
Vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding
x-nextjs-cache: HIT
X-Powered-By: Next.js
Cache-Control: s-maxage=31536000, stale-while-revalidate
ETag: "k5z16up18g6gt"
Content-Type: text/html; charset=utf-8
Content-Length: 8386
Date: Sun, 23 Mar 2025 01:57:44 GMT
Connection: keep-alive
Keep-Alive: timeout=5

8000 / tcp

-166216652 | 2025-04-10T07:03:29.450504

Hashes

hash

-72108099

http.dom_hash

-2006505642

http.html_hash

-166216652

http.server_hash

482313215

HTTP/1.1 404 Not Found
date: Thu, 10 Apr 2025 07:03:29 GMT
server: uvicorn
content-length: 22
content-type: application/json

8080 / tcp

-1167125109 | 2025-04-01T16:23:07.095402

Hashes

hash

438520862

http.dom_hash

-1204848035

http.favicon.hash

572074752

http.html_hash

-1167125109

http.title_hash

316595402

HTTP/1.1 200 OK
Host: 46.101.117.215
Date: Tue, 01 Apr 2025 16:23:07 GMT
Connection: close
X-Powered-By: PHP/7.4.33
Set-Cookie: adminer_sid=5sgaovdjb52os8hnd3tg65t9gm; path=/; HttpOnly
Set-Cookie: adminer_key=81cb50f9253e5e08c01b3d141bc316d5; path=/; HttpOnly; SameSite=lax
Content-Type: text/html; charset=utf-8
Cache-Control: no-cache
X-Frame-Options: deny
X-XSS-Protection: 0
X-Content-Type-Options: nosniff
Referrer-Policy: origin-when-cross-origin
Content-Security-Policy: script-src 'self' 'unsafe-inline' 'nonce-YmEyNTQ3MWQzNGQyNGI0MjRiN2NlOTMxNjY2NzRlNTQ=' 'strict-dynamic'; connect-src 'self'; frame-src https://www.adminer.org; object-src 'none'; base-uri 'none'; form-action 'self'

Vulnerabilities

1 4

46.101.117.215

Last Seen: 2025-04-10

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities

OpenPorts

22 / tcp

-767698887 | 2025-04-03T19:57:03.204027

OpenSSH9.7p1 Ubuntu 7ubuntu4.2

80 / tcp

731197476 | 2025-04-08T12:03:30.841354

Hashes

443 / tcp

731197476 | 2025-03-29T01:01:34.609717

Hashes

3000 / tcp

521079785 | 2025-03-23T01:57:45.182170

Hashes

8000 / tcp

-166216652 | 2025-04-10T07:03:29.450504

Hashes

8080 / tcp

-1167125109 | 2025-04-01T16:23:07.095402

Hashes

Products

Pricing

Contact Us

46.101.117.215

Last Seen: 2025-04-10

Tags:

GeneralInformation

WebTechnologies

Vulnerabilities All ports Port 8080 Latest CVSS

OpenPorts

22 / tcp -767698887 | 2025-04-03T19:57:03.204027

OpenSSH9.7p1 Ubuntu 7ubuntu4.2

80 / tcp 731197476 | 2025-04-08T12:03:30.841354

Hashes

443 / tcp 731197476 | 2025-03-29T01:01:34.609717

Hashes

3000 / tcp 521079785 | 2025-03-23T01:57:45.182170

Hashes

8000 / tcp -166216652 | 2025-04-10T07:03:29.450504

Hashes

8080 / tcp -1167125109 | 2025-04-01T16:23:07.095402

Hashes

Products

Pricing

Contact Us

Vulnerabilities

22 / tcp

-767698887 | 2025-04-03T19:57:03.204027

80 / tcp

731197476 | 2025-04-08T12:03:30.841354

443 / tcp

731197476 | 2025-03-29T01:01:34.609717

3000 / tcp

521079785 | 2025-03-23T01:57:45.182170

8000 / tcp

-166216652 | 2025-04-10T07:03:29.450504

8080 / tcp

-1167125109 | 2025-04-01T16:23:07.095402