GeneralInformation

Hostnames	beget.tech
Domains	beget.tech
Country	Russian Federation
City	Saint Petersburg
Organization	Beget Ltd
ISP	Beget LLC
ASN	AS198610

Vulnerabilities

Note: the device may not be impacted by all of these issues. The vulnerabilities are implied based on the software and version.

2025(1)

CVE-2025-26466

5.9A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.

OpenPorts

21 22

21 / tcp

-488701822 | 2025-03-26T02:39:14.306070

220 Welcome to LTD BeGet FTP Server 'quake3'
530 Login incorrect.
530 Please login with USER and PASS.
211-Features:
 EPRT
 EPSV
 MDTM
 PASV
 PBSZ
 PROT
 REST STREAM
 SIZE
 TVFS
 UTF8
211 End

SSL Certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:6c:96:54:8e:c3:3d:b5:71:32:cf:ba:33:01:5e:b7:79:3a
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, O=Let's Encrypt, CN=R10
        Validity
            Not Before: Mar 20 23:18:56 2025 GMT
            Not After : Jun 18 23:18:55 2025 GMT
        Subject: CN=beget.tech
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d0:47:4f:7c:b1:de:ae:b4:a8:42:bd:1c:3e:ef:
                    d9:3c:58:3b:8f:c3:7d:98:3f:55:00:29:7e:d8:cb:
                    26:1e:a6:f1:80:45:20:a4:44:a9:02:47:47:c6:21:
                    2c:93:f0:39:ed:18:00:56:e1:27:a7:be:bd:24:21:
                    ab:99:83:d9:39:3e:ec:d2:f9:7b:4b:e2:81:79:35:
                    ef:e9:ea:49:b3:de:a0:ef:f8:a3:20:d9:2a:ef:a6:
                    fc:46:54:64:f8:19:a6:b8:c0:56:a9:db:fe:74:7d:
                    cd:9b:7f:12:da:f2:cd:02:3a:59:ea:95:3c:22:93:
                    ac:e2:0a:df:85:18:de:c8:f9:c9:76:59:ff:e5:84:
                    3e:11:78:ad:6c:21:7e:cf:ad:f3:2a:5e:4d:73:f2:
                    57:fe:d2:75:8e:9c:ff:6d:59:a7:df:13:8d:c0:55:
                    a3:2e:5e:bd:9c:c4:5d:6b:5d:45:a5:e4:0e:05:fa:
                    68:7b:d9:c7:6b:f9:55:f0:8e:50:17:9e:a0:2c:20:
                    96:3c:e9:03:33:ef:0b:c6:b8:32:ef:51:46:76:23:
                    6a:8e:b5:f5:29:91:2d:e0:f2:7e:75:69:d8:c7:5d:
                    40:a3:9a:8e:94:f1:4e:a3:27:3a:fa:8e:5d:0d:ea:
                    db:08:0a:d3:a2:a3:4b:ad:19:a2:e0:09:7c:a1:34:
                    3a:f1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Key Encipherment
            X509v3 Extended Key Usage: 
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Basic Constraints: critical
                CA:FALSE
            X509v3 Subject Key Identifier: 
                7A:F2:0C:1D:1E:E3:EC:E9:09:D8:F6:5D:EE:00:7E:EF:86:C0:A1:BA
            X509v3 Authority Key Identifier: 
                BB:BC:C3:47:A5:E4:BC:A9:C6:C3:A4:72:0C:10:8D:A2:35:E1:C8:E8
            Authority Information Access: 
                OCSP - URI:http://r10.o.lencr.org
                CA Issuers - URI:http://r10.i.lencr.org/
            X509v3 Subject Alternative Name: 
                DNS:*.beget.tech, DNS:beget.tech
            X509v3 Certificate Policies: 
                Policy: 2.23.140.1.2.1
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://r10.c.lencr.org/59.crl
            CT Precertificate SCTs: 
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : CC:FB:0F:6A:85:71:09:65:FE:95:9B:53:CE:E9:B2:7C:
                                22:E9:85:5C:0D:97:8D:B6:A9:7E:54:C0:FE:4C:0D:B0
                    Timestamp : Mar 21 00:17:26.710 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:1B:92:96:8F:05:56:33:8E:99:75:87:5A:
                                40:15:09:4C:F8:FC:49:4D:CD:5A:E3:49:AF:38:AA:63:
                                7F:01:21:4C:02:21:00:F2:F5:35:78:E9:39:BA:E5:D8:
                                33:2A:36:F6:8C:35:35:73:6E:C4:E2:22:17:62:85:9E:
                                76:3E:19:E5:50:AD:38
                Signed Certificate Timestamp:
                    Version   : v1 (0x0)
                    Log ID    : E0:92:B3:FC:0C:1D:C8:E7:68:36:1F:DE:61:B9:96:4D:
                                0A:52:78:19:8A:72:D6:72:C4:B0:4D:A5:6D:6F:54:04
                    Timestamp : Mar 21 00:17:28.807 2025 GMT
                    Extensions: none
                    Signature : ecdsa-with-SHA256
                                30:45:02:20:26:02:06:72:3D:E8:4D:E4:88:B3:0D:60:
                                0C:1B:6B:E6:71:D6:81:79:6C:91:59:22:21:5F:21:75:
                                12:7F:AF:82:02:21:00:83:BA:70:23:90:3E:05:E1:87:
                                92:49:C6:94:59:1C:17:59:E6:DE:4E:5E:94:94:5B:62:
                                17:EA:F2:C7:21:3C:CC
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        c3:12:0e:2f:94:79:18:62:6c:8f:6b:97:f7:f4:39:f4:2d:49:
        aa:55:b7:13:e2:38:5b:4c:a3:97:62:62:a4:9a:f1:f4:45:aa:
        ae:0b:02:e2:06:aa:5f:cd:65:c8:36:96:a5:a2:12:02:1c:a4:
        93:a2:de:af:14:c0:d8:8b:91:17:f0:a4:bf:ae:46:6e:c5:33:
        21:cc:02:64:04:c5:59:28:19:d3:21:dd:75:25:e9:14:e2:65:
        9a:a3:06:3b:b2:8a:81:40:f6:d5:4c:eb:92:42:38:85:93:5b:
        7b:ea:2d:a7:e1:c7:5d:83:cd:55:53:9d:8e:f8:8c:86:b2:45:
        23:a4:7f:2d:14:ef:16:88:b2:10:f0:ab:01:8a:f7:55:3c:ff:
        87:45:35:d1:cd:0c:94:3a:1c:f4:b7:db:82:43:1f:94:d9:8d:
        fa:94:dd:41:e0:e5:2e:86:32:19:21:7b:18:56:c1:28:66:6f:
        8d:5f:7c:59:c5:b0:5d:01:e2:6d:2c:12:51:9a:14:09:c8:b8:
        97:3b:e6:e0:44:09:7e:46:1c:46:98:23:62:04:41:41:00:1f:
        b1:24:80:1e:0f:76:87:14:5c:54:4b:61:e3:0e:18:bd:cb:4c:
        93:28:00:de:77:77:12:8b:31:d3:80:c7:cb:49:38:b6:4a:04:
        1c:66:8d:6f

22 / tcp

1126558010 | 2025-04-01T03:18:01.870018

SSH-2.0-OpenSSH_9.8
Key type: ssh-ed25519
Key: AAAAC3NzaC1lZDI1NTE5AAAAIGSCgbYYJhtfKK3zgrilqAtnXMh/QduYwFxkNbPxpNqy
Fingerprint: 3e:98:cc:da:55:a9:ac:7f:a6:35:a6:51:94:6e:f4:4a

Kex Algorithms:
	curve25519-sha256
	curve25519-sha256@libssh.org
	diffie-hellman-group18-sha512
	diffie-hellman-group16-sha512
	diffie-hellman-group-exchange-sha256
	ext-info-s
	kex-strict-s-v00@openssh.com

Server Host Key Algorithms:
	ssh-ed25519
	rsa-sha2-512
	rsa-sha2-256

Encryption Algorithms:
	chacha20-poly1305@openssh.com
	aes256-gcm@openssh.com
	aes128-gcm@openssh.com
	aes256-ctr
	aes192-ctr
	aes128-ctr

MAC Algorithms:
	hmac-sha2-512-etm@openssh.com
	hmac-sha2-256-etm@openssh.com
	hmac-sha2-512
	hmac-sha2-256

Compression Algorithms:
	none
	zlib@openssh.com

Vulnerabilities

87.236.16.152

Last Seen: 2025-04-01

Tags:

GeneralInformation

Vulnerabilities

OpenPorts

21 / tcp

-488701822 | 2025-03-26T02:39:14.306070

22 / tcp

1126558010 | 2025-04-01T03:18:01.870018

OpenSSH9.8

Products

Pricing

Contact Us

87.236.16.152

Last Seen: 2025-04-01

Tags:

GeneralInformation

Vulnerabilities All ports Port 22 Latest CVSS

OpenPorts

21 / tcp -488701822 | 2025-03-26T02:39:14.306070

22 / tcp 1126558010 | 2025-04-01T03:18:01.870018

OpenSSH9.8

Products

Pricing

Contact Us

Vulnerabilities

21 / tcp

-488701822 | 2025-03-26T02:39:14.306070

22 / tcp

1126558010 | 2025-04-01T03:18:01.870018