gobysec / Goby

Attack surface mapping
https://gobies.org/

Found an unknown error!!! #398

Closed hhh966 closed 10 months ago

hhh966 commented 1 year ago

2023/02/17 13:30:32 Successfully raised file descriptor limit to 10240
2023/02/17 13:30:32 read user rule file ok: 0
2023/02/17 13:30:32 Version: v2.0.318 beta
2023/02/17 13:30:32 LicenseName: Enterprise
2023/02/17 13:30:33 API Server listen at 127.0.0.1:8361
2023/02/17 13:30:34 127.0.0.1:55206 GET /api/v1/live
2023/02/17 13:30:34 127.0.0.1:55207 POST /api/v1/setEnvi
2023/02/17 13:30:34 127.0.0.1:55212 GET /api/v1/getEnvi?field=chromePath,dataIntegrity,datadir,dir,midKey,proxyServer,userRuleSize,vulVersion
2023/02/17 13:30:34 127.0.0.1:55213 GET /api/v1/getEnvi?field=ip
2023/02/17 13:30:34 127.0.0.1:55214 GET /api/v1/getEnvi?field=gid,key,godserver
2023/02/17 13:30:34 [DEBUG] get adapter of device
2023/02/17 13:30:34 [DEBUG] devices: [{en0 30 [{fe80::14d6:dbf3:817a:ee45 ffffffffffffffff0000000000000000 } {172.30.3.137 fffffc00 172.30.3.255 }]} {awdl0 30 [{fe80::b817:c6ff:fe6a:4a67 ffffffffffffffff0000000000000000 }]} {llw0 30 [{fe80::b817:c6ff:fe6a:4a67 ffffffffffffffff0000000000000000 }]} {utun0 54 [{fe80::dc36:6e1c:dd69:2f57 ffffffffffffffff0000000000000000 }]} {ap1 46 []} {utun1 54 [{fe80::1179:48cc:5349:5ebe ffffffffffffffff0000000000000000 }]} {utun2 54 [{fe80::ce81:b1c:bd2c:69e ffffffffffffffff0000000000000000 }]} {utun4 54 [{2.0.10.7 2.0.10.7}]} {lo0 55 [{127.0.0.1 ff000000 } {::1 ffffffffffffffffffffffffffffffff } {fe80::1 ffffffffffffffff0000000000000000 }]} {anpi0 38 [{fe80::8f6:51ff:fe1f:aa5d ffffffffffffffff0000000000000000 }]} {bridge0 38 []} {anpi1 38 [{fe80::8f6:51ff:fe1f:aa5e ffffffffffffffff0000000000000000 }]} {en1 38 []} {en2 38 []} {en3 38 []} {en4 38 []} {gif0 48 []} {stf0 48 []}]
2023/02/17 13:30:34 [DEBUG] getGatewayMac: en0 0.0.0.0
2023/02/17 13:30:34 127.0.0.1:55219 POST /api/v1/getTasks
2023/02/17 13:30:34 127.0.0.1:55220 GET /api/v1/getEnvi?field=licenseInfo,midKey
2023/02/17 13:30:35 find router mac is e4:68:a3:8b:10:88
2023/02/17 13:30:35 [DEBUG] fetch mac address: en0 e4:68:a3:8b:10:88
2023/02/17 13:30:35 [DEBUG] close pcap handler for getGatewayMac
2023/02/17 13:31:07 127.0.0.1:55465 POST /api/v1/getStatisticsData
2023/02/17 13:31:09 127.0.0.1:55478 POST /api/v1/resumeScan
2023/02/17 13:31:09 scan 1,7,9,13,19,21-23,25,37,42,49,53,69,79-81,85,105,109-111,113,123,135,137-139,143,161,179,222,264,384,389,402,407,443-446,465,500,502,512-515,523-524,540,548,554,587,617,623,689,705,771,783,873,888,902,910,912,921,993,995,998,1000,1024,1030,1035,1090,1098-1103,1128-1129,1158,1199,1211,1220,1234,1241,1300,1311,1352,1433-1435,1440,1494,1521,1530,1533,1581-1582,1604,1720,1723,1755,1811,1900,2000-2001,2049,2082,2083,2100,2103,2121,2199,2207,2222,2323,2362,2375,2380-2381,2525,2533,2598,2601,2604,2638,2809,2947,2967,3000,3037,3050,3057,3128,3200,3217,3273,3299,3306,3311,3312,3389,3460,3500,3628,3632,3690,3780,3790,3817,4000,4322,4433,4444-4445,4659,4679,4848,5000,5038,5040,5051,5060-5061,5093,5168,5247,5250,5351,5353,5355,5400,5405,5432-5433,5498,5520-5521,5554-5555,5560,5580,5601,5631-5632,5666,5800,5814,5900-5910,5920,5984-5986,6000,6050,6060,6070,6080,6082,6101,6106,6112,6262,6379,6405,6502-6504,6542,6660-6661,6667,6905,6988,7001,7021,7071,7080,7144,7181,7210,7443,7510,7579-7580,7700,7770,7777-7778,7787,7800-7801,7879,7902,8000-8001,8008,8014,8020,8023,8028,8030,8080-8082,8087,8090,8095,8161,8180,8205,8222,8300,8303,8333,8400,8443-8444,8503,8800,8812,8834,8880,8888-8890,8899,8901-8903,9000,9002,9060,9080-9081,9084,9090,9099-9100,9111,9152,9200,9390-9391,9443,9495,9809-9815,9855,9999-10001,10008,10050-10051,10080,10098,10162,10202-10203,10443,10616,10628,11000,11099,11211,11234,11333,12174,12203,12221,12345,12397,12401,13364,13500,13838,14330,15200,16102,17185,17200,18881,19300,19810,20010,20031,20034,20101,20111,20171,20222,22222,23472,23791,23943,25000,25025,26000,26122,27000,27017,27888,28222,28784,30000,30718,31001,31099,32764,32913,34205,34443,37718,38080,38292,40007,41025,41080,41523-41524,44334,44818,45230,46823-46824,47001-47002,48899,49152,50000-50004,50013,50500-50504,52302,55553,57772,62078,62514,65535 124.127.116.1/24,124.127.117.1/24,219.141.189.1/24,218.80.254.1/24,180.168.174.128/26,183.62.12.1/27
2023/02/17 13:31:09 start port scanner: totalSize: 453600, rate: 100, connectionSize: 100, connectTimeout: 6s, retryTimes: 0, Random: true, Seed: 1676598000810541000, ScanOffset: 453600, ScanICMP: false, CheckAliveMode: 0
2023/02/17 13:31:09 pcap version: libpcap version 1.9.1
2023/02/17 13:31:09 127.0.0.1:55481 POST /api/v1/getProgress
2023/02/17 13:31:09 found device from route table for 219.141.189.255:
2023/02/17 13:31:09 [DEBUG] get adapter of device
2023/02/17 13:31:09 [DEBUG] devices: [{en0 30 [{fe80::14d6:dbf3:817a:ee45 ffffffffffffffff0000000000000000 } {172.30.3.137 fffffc00 172.30.3.255 }]} {awdl0 30 [{fe80::b817:c6ff:fe6a:4a67 ffffffffffffffff0000000000000000 }]} {llw0 30 [{fe80::b817:c6ff:fe6a:4a67 ffffffffffffffff0000000000000000 }]} {utun0 54 [{fe80::dc36:6e1c:dd69:2f57 ffffffffffffffff0000000000000000 }]} {ap1 46 []} {utun1 54 [{fe80::1179:48cc:5349:5ebe ffffffffffffffff0000000000000000 }]} {utun2 54 [{fe80::ce81:b1c:bd2c:69e ffffffffffffffff0000000000000000 }]} {utun4 54 [{2.0.10.7 2.0.10.7}]} {lo0 55 [{127.0.0.1 ff000000 } {::1 ffffffffffffffffffffffffffffffff } {fe80::1 ffffffffffffffff0000000000000000 }]} {anpi0 38 [{fe80::8f6:51ff:fe1f:aa5d ffffffffffffffff0000000000000000 }]} {bridge0 38 []} {anpi1 38 [{fe80::8f6:51ff:fe1f:aa5e ffffffffffffffff0000000000000000 }]} {en1 38 []} {en2 38 []} {en3 38 []} {en4 38 []} {gif0 48 []} {stf0 48 []}]
2023/02/17 13:31:09 [DEBUG] getGatewayMac: en0 219.141.189.255
2023/02/17 13:31:10 find router mac is e4:68:a3:8b:10:88
2023/02/17 13:31:11 [DEBUG] fetch mac address: en0 e4:68:a3:8b:10:88
2023/02/17 13:31:11 [DEBUG] close pcap handler for getGatewayMac
2023/02/17 13:31:11 select adapter of to send packets: &{en0 172.30.3.137 [fe80::14d6:dbf3:817a:ee45] {172.30.3.137 fffffc00} fffffc00 9c:3e:53:81:4a:a8 e4:68:a3:8b:10:88}
2023/02/17 13:31:11 routine-recv start
2023/02/17 13:31:11 port scanner is ready
2023/02/17 13:31:11 routine-target is about to exit since target pool is running out
2023/02/17 13:31:11 routine-target is exit since target pool and retry pool is running out
2023/02/17 13:31:11 start first round ARP
2023/02/17 13:31:11 first round ARP done
2023/02/17 13:31:12 127.0.0.1:55501 POST /api/v1/getProgress
2023/02/17 13:31:12 127.0.0.1:55502 POST /api/v1/getStatisticsData
2023/02/17 13:31:12 found ip-mac: 172.30.3.185 - 4e:f4:cd:90:4a:6f
2023/02/17 13:31:12 3.044s 453600/453600 (100.00% N/A left); send: 0 0.00 pkt/s (0.00 pkt/s avg); recv: 0 0.00 pkt/s (0.00 pkt/s avg)
2023/02/17 13:31:12 routine-status is exit since scan is done
2023/02/17 13:31:12 start sending packets
2023/02/17 13:31:12 not start another round ARP
2023/02/17 13:31:12 routine-send out
2023/02/17 13:31:13 GrabScannerStatistics: {0 0 0 1}
2023/02/17 13:31:13 AppScannerStatistics: {0 0 0 1}
2023/02/17 13:31:13 SendPacketCount: 453600 453600
2023/02/17 13:31:14 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:14 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:14 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:14 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:14 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:14 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:14 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:15 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:15 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:15 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:15 found ip-mac: 172.30.3.137 - 9c:3e:53:81:4a:a8
2023/02/17 13:31:15 127.0.0.1:55531 POST /api/v1/getProgress
2023/02/17 13:31:15 127.0.0.1:55532 POST /api/v1/getStatisticsData
2023/02/17 13:31:18 127.0.0.1:55552 POST /api/v1/getProgress
2023/02/17 13:31:18 127.0.0.1:55553 POST /api/v1/getStatisticsData
2023/02/17 13:31:19 BasicNetworkInfoScanner out...
2023/02/17 13:31:21 127.0.0.1:55578 POST /api/v1/getProgress
2023/02/17 13:31:21 127.0.0.1:55579 POST /api/v1/getStatisticsData
2023/02/17 13:31:22 close pcap sender
2023/02/17 13:31:22 routine-recv out
2023/02/17 13:31:23 routine-pcap-sender is exit
2023/02/17 13:31:23 done: 14.059s 453600/453600 (100.00%) send: 0; recv: 0
2023/02/17 13:31:23 PortScanner out...
2023/02/17 13:31:24 127.0.0.1:55603 POST /api/v1/getProgress
2023/02/17 13:31:24 127.0.0.1:55604 POST /api/v1/getStatisticsData
2023/02/17 13:31:27 127.0.0.1:55628 POST /api/v1/getProgress
2023/02/17 13:31:27 127.0.0.1:55629 POST /api/v1/getStatisticsData
2023/02/17 13:31:29 GrabScanner out...
2023/02/17 13:31:29 AppScanner out...
2023/02/17 13:31:29 finished all information, now try to find vulnerabilities...
2023/02/17 13:31:29 scanning exp of 74CMS SQLi with Plus ajax common 1000
2023/02/17 13:31:29 scanning exp of 74CMS SQLi with Plus weixin 1000
2023/02/17 13:31:29 scanning exp of ANTlabs IG3100 telnet default account 1000
2023/02/17 13:31:29 scanning exp of AVCON-6 download.action File Read (CNVD-2020-30193) 1000
2023/02/17 13:31:29 scanning exp of ActiveMQ Deserialization Vulnerability (CVE-2015-5254) 1000
2023/02/17 13:31:29 scanning exp of ActiveMQ Arbitrary File Write Vulnerability (CVE-2016-3088) 1000
2023/02/17 13:31:29 scanning exp of ActiveMQ default admin account 1000
2023/02/17 13:31:29 scanning exp of Alibaba canal Leakage of sensitive information 1000
2023/02/17 13:31:29 scanning exp of Amcrest/Dahua Unauthenticated-Audio-Streaming (CVE-2019-3948) 1000
2023/02/17 13:31:29 scanning exp of Apache ShardingSphere RCE(CVE-2020-1947) 1000
2023/02/17 13:31:29 scanning exp of Apache Druid RCE (CVE-2021-25646) 1000
2023/02/17 13:31:29 scanning exp of Apache Flink File Upload (CVE-2020-17518) 1000
2023/02/17 13:31:29 scanning exp of Apache Flink Path Traversal (CVE-2020-17519) 1000
2023/02/17 13:31:29 scanning exp of Apache Flink RCE 1000
2023/02/17 13:31:29 scanning exp of Apache NiFi Api RCE 1000
2023/02/17 13:31:29 scanning exp of Apache OFBiz Bypass RCE (CVE-2021-30128) 1000
2023/02/17 13:31:29 scanning exp of Apache OFBiz Deserialization RCE (CVE-2020-9496) 1000
2023/02/17 13:31:29 scanning exp of Apache OFBiz XXE File Read (CVE-2018-8033) 1000
2023/02/17 13:31:29 scanning exp of Apache OFBiz rmi RCE (CVE-2021-26295) 1000
2023/02/17 13:31:29 scanning exp of Apache SkyWalking RCE with SQLi 1000
2023/02/17 13:31:29 scanning exp of Apache Solr Velocity Template RCE (CVE-2019-17558) 1000
2023/02/17 13:31:29 scanning exp of Apache Tapestry Unserialize RCE (CVE-2021-27850) 1000
2023/02/17 13:31:30 GrabScannerStatistics: {0 0 0 0}
2023/02/17 13:31:30 AppScannerStatistics: {0 0 0 0}
2023/02/17 13:31:30 127.0.0.1:55688 POST /api/v1/getProgress
2023/02/17 13:31:30 127.0.0.1:55689 POST /api/v1/getStatisticsData
2023/02/17 13:31:33 127.0.0.1:55743 POST /api/v1/getProgress
2023/02/17 13:31:33 127.0.0.1:55744 POST /api/v1/getStatisticsData
2023/02/17 13:31:36 127.0.0.1:55789 POST /api/v1/getProgress
2023/02/17 13:31:36 127.0.0.1:55790 POST /api/v1/getStatisticsData
2023/02/17 13:31:39 127.0.0.1:55837 POST /api/v1/getProgress
2023/02/17 13:31:39 127.0.0.1:55838 POST /api/v1/getStatisticsData
2023/02/17 13:31:42 127.0.0.1:55880 POST /api/v1/getProgress
2023/02/17 13:31:42 127.0.0.1:55881 POST /api/v1/getStatisticsData
2023/02/17 13:31:45 127.0.0.1:55955 POST /api/v1/getProgress
2023/02/17 13:31:45 127.0.0.1:55956 POST /api/v1/getStatisticsData
2023/02/17 13:31:48 127.0.0.1:56010 POST /api/v1/getProgress
2023/02/17 13:31:48 127.0.0.1:56011 POST /api/v1/getStatisticsData
2023/02/17 13:31:51 127.0.0.1:56066 POST /api/v1/getProgress
2023/02/17 13:31:51 127.0.0.1:56067 POST /api/v1/getStatisticsData
2023/02/17 13:31:54 127.0.0.1:56119 POST /api/v1/getProgress
2023/02/17 13:31:54 127.0.0.1:56120 POST /api/v1/getStatisticsData
2023/02/17 13:31:57 127.0.0.1:56170 POST /api/v1/getProgress
2023/02/17 13:31:57 127.0.0.1:56171 POST /api/v1/getStatisticsData
2023/02/17 13:32:00 127.0.0.1:56212 POST /api/v1/getProgress
2023/02/17 13:32:00 127.0.0.1:56213 POST /api/v1/getStatisticsData
2023/02/17 13:32:01 scanning exp of Apache Unomi RCE (CVE-2020-13942) 1000
2023/02/17 13:32:01 scanning exp of AppWeb Authentication Bypass vulnerability (CVE-2018-8715) 1000
2023/02/17 13:32:01 scanning exp of Intellian Aptus Web RCE (CVE-2020-7980) 1000
2023/02/17 13:32:01 scanning exp of Arcadyan Routers Authentication Bypassing (CVE-2021-20090) 1000
2023/02/17 13:32:01 scanning exp of Avaya Aura Default Credentials 1000
2023/02/17 13:32:01 scanning exp of Apache Axis2 1.4.1 Remote Directory Traversal Vulnerability (CVE-2010-0219) 1000
2023/02/17 13:32:01 scanning exp of Axis2 Default Credentials Remote Code Execution (CVE-2010-0219) 1000
2023/02/17 13:32:01 scanning exp of Barco/AWIND OEM Presentation Platform Unauthenticated Remote Command Injection (CVE-2019-3929) 1000
2023/02/17 13:32:01 scanning exp of BlueKeep Microsoft Remote Desktop RCE (CVE-2019-0708) 1000
2023/02/17 13:32:03 127.0.0.1:56244 POST /api/v1/getProgress
2023/02/17 13:32:03 127.0.0.1:56245 POST /api/v1/getStatisticsData
2023/02/17 13:32:06 127.0.0.1:56266 POST /api/v1/getProgress
2023/02/17 13:32:06 127.0.0.1:56267 POST /api/v1/getStatisticsData
2023/02/17 13:32:09 127.0.0.1:56291 POST /api/v1/getProgress
2023/02/17 13:32:09 127.0.0.1:56292 POST /api/v1/getStatisticsData
2023/02/17 13:32:11 dial tcp 219.141.189.218:3389: i/o timeout
2023/02/17 13:32:11 [ERROR] check host failed: 219.141.189.218:3389
2023/02/17 13:32:11 [ERROR] check host failed: 219.141.189.25:3389 read tcp 172.30.3.137:56223->219.141.189.25:3389: i/o timeout
2023/02/17 13:32:11 [ERROR] check host failed: 124.127.117.234:3389 read tcp 172.30.3.137:56220->124.127.117.234:3389: i/o timeout
2023/02/17 13:32:11 [ERROR] check host failed: 124.127.117.228:3389 read tcp 172.30.3.137:56222->124.127.117.228:3389: i/o timeout
2023/02/17 13:32:11 scanning exp of Bonitasoft Platform serverAPI Deserialization Vulnerability 1000
2023/02/17 13:32:11 scanning exp of Brother HL default admin account 1000
2023/02/17 13:32:11 scanning exp of Brother MFC default admin account 1000
2023/02/17 13:32:11 scanning exp of CAIMORE Wireless Router RCE 1000
2023/02/17 13:32:11 scanning exp of CERIO 11nbg 2.4Ghz High Power Wireless Router root shell backdoor 1000
2023/02/17 13:32:11 scanning exp of COMMAX Ruvie CCTV Bridge DVR Unauthorized access 1000
2023/02/17 13:32:11 scanning exp of ChinaTelecom sjkd camera default password 1000
2023/02/17 13:32:11 scanning exp of Cisco ACE 4710 Device Manager Default Credentials 1000
2023/02/17 13:32:11 scanning exp of Cisco ASA and FTD File Delete (CVE-2020-3187) 1000
2023/02/17 13:32:11 scanning exp of Cisco ASA and FTD File Read (CVE-2020-3452) 1000
2023/02/17 13:32:11 scanning exp of Cisco HyperFlex HX Data Platform Command Injection (CVE-2021-1498) 1000
2023/02/17 13:32:12 127.0.0.1:56347 POST /api/v1/getProgress
2023/02/17 13:32:12 127.0.0.1:56348 POST /api/v1/getStatisticsData
2023/02/17 13:32:15 127.0.0.1:56431 POST /api/v1/getProgress
2023/02/17 13:32:15 127.0.0.1:56432 POST /api/v1/getStatisticsData
2023/02/17 13:32:18 127.0.0.1:56498 POST /api/v1/getProgress
2023/02/17 13:32:18 127.0.0.1:56499 POST /api/v1/getStatisticsData
2023/02/17 13:32:21 127.0.0.1:56551 POST /api/v1/getProgress
2023/02/17 13:32:21 127.0.0.1:56552 POST /api/v1/getStatisticsData
2023/02/17 13:32:22 127.0.0.1:56563 POST /api/v1/getStatisticsData
2023/02/17 13:32:22 127.0.0.1:56564 POST /api/v1/assetSearch
2023/02/17 13:32:22 127.0.0.1:56565 POST /api/v1/getValueCategory
2023/02/17 13:32:24 127.0.0.1:56596 POST /api/v1/getProgress
2023/02/17 13:32:24 127.0.0.1:56597 POST /api/v1/getStatisticsData
2023/02/17 13:32:27 scanning exp of Cisco HyperFlex HX Data Platform File Upload (CVE-2021-1499) 1000
2023/02/17 13:32:27 scanning exp of Cisco HyperFlex HX Installer Python Code Injection (CVE-2021-1497) 1000
2023/02/17 13:32:27 scanning exp of Cisco RV320 and RV325 Routers RCE (CVE-2019-1652) 1000
2023/02/17 13:32:27 scanning exp of Citrix ADC RCE (CVE-2019-19781) 1000
2023/02/17 13:32:27 scanning exp of Citrix XenMobile Arbitrary file read (CVE-2020-8209) 1000
2023/02/17 13:32:27 scanning exp of Citrix Systems arbitrary file read 1000
2023/02/17 13:32:27 scanning exp of Clinical Browsing System login.php Boolean SQLi 1000
2023/02/17 13:32:27 scanning exp of ClusterEngine V4.0 login Arbitrary command execution vulnerability 1000
2023/02/17 13:32:27 scanning exp of ClusterEngine V4.0 sysShell RCE Arbitrary command execution vulnerability 1000
2023/02/17 13:32:27 scanning exp of Confluence RCE (CVE-2019-3396) 1000
2023/02/17 13:32:27 scanning exp of Consul Service API RCE 1000
2023/02/17 13:32:27 scanning exp of Coremail Information Leakage (CNVD-2019-16798) 1000
2023/02/17 13:32:27 scanning exp of D-Link DSL-2888A RCE (CVE-2020-24581) 1000
2023/02/17 13:32:27 scanning exp of D-Link Dump Credentials (CVE-2020-9376) 1000
2023/02/17 13:32:27 127.0.0.1:56646 POST /api/v1/vulnerabilityStatisticsData
2023/02/17 13:32:27 127.0.0.1:56647 POST /api/v1/vulnerabilitySearch
2023/02/17 13:32:27 scanning exp of Multiple D-Link Routers RCE (CVE-2019-16920) 1000
2023/02/17 13:32:27 scanning exp of DS_Store found 1000
2023/02/17 13:32:28 127.0.0.1:56726 POST /api/v1/getProgress
2023/02/17 13:32:28 scanning exp of Dell DARC Default Credentials 1000
2023/02/17 13:32:28 scanning exp of Discuz 7.x/6.x global variable defense bypass rce 1000
2023/02/17 13:32:28 scanning exp of Django Debug Method Enabled 1000
2023/02/17 13:32:28 scanning exp of DrayTek pre-auth remote root RCE (CVE-2020-8515) 1000
2023/02/17 13:32:28 scanning exp of Drupal Core SQL Injection Vulnerability(CVE-2014-3704) 1000
2023/02/17 13:32:28 scanning exp of Drupal Core Multiple Remote Code Execution Vulnerabilities(CVE-2018-7600) 1000
2023/02/17 13:32:28 scanning exp of Drupal Core Arbitrary PHP Code Execution Vulnerability(CVE-2019-6340) 1000
2023/02/17 13:32:28 scanning exp of Drupal Core Remote Code Execution Vulnerability(CVE-2018-7602) 1000
2023/02/17 13:32:28 scanning exp of Dubbo RCE (CVE-2020-1948) 1000
2023/02/17 13:32:28 scanning exp of DuomiCms SQLi (CNVD-2018-05568) 1000
2023/02/17 13:32:28 scanning exp of Elasticsearch unauthorized 1000
2023/02/17 13:32:28 scanning exp of EnGenius EnShare IoT Gigabit Cloud Service RCE 1000
2023/02/17 13:32:28 scanning exp of EyouCMS Session brute force Bypass login 1000
2023/02/17 13:32:28 scanning exp of Eyou Mail system moni_detail.do RCE 1000
2023/02/17 13:32:28 scanning exp of F5 BIG-IP TMUI RCE (CVE-2020-5902) 1000
2023/02/17 13:32:28 scanning exp of F5 BIG-IP default account 1000
2023/02/17 13:32:28 scanning exp of F5 BIGIP iControl unauth RCE (CVE-2021-22986) 1000
2023/02/17 13:32:28 scanning exp of Fastjson 1.2.24 RCE (CNVD-2017-02833) 1000
2023/02/17 13:32:28 scanning exp of Fastjson 1.2.47 RCE (CNVD-2019-22238) 1000
2023/02/17 13:32:28 scanning exp of FineCMS Remote Command Execution (CNVD-2019-36681) 1000
2023/02/17 13:32:28 scanning exp of ForgeRock AM RCE (CVE-2021-35464) 1000
2023/02/17 13:32:28 scanning exp of FortiLogger Unauth Arbitrary File Upload(CVE-2021-3378) 1000
2023/02/17 13:32:28 scanning exp of Fortinet FortiOS Directory Traversal Vulnerability (CVE-2018-13379) 1000
2023/02/17 13:32:28 scanning exp of GitLab information leak (CVE-2020-26413) 1000
2023/02/17 13:32:28 scanning exp of Git repository found 1000
2023/02/17 13:32:29 scanning exp of GlassFish Arbitrary File Read (CVE-2017-1000028) 1000
2023/02/17 13:32:29 scanning exp of GoAhead Web Server LD_PRELOAD Arbitrary Module Load (CVE-2017-17562) 1000
2023/02/17 13:32:29 scanning exp of H3C SECPATH Operations and Maintenance Audit System RCE 1000
2023/02/17 13:32:29 scanning exp of HYBRID DVR default admin account rce 1000
2023/02/17 13:32:29 scanning exp of Hadoop YARN ResourceManager RCE 1000
2023/02/17 13:32:29 scanning exp of Hanvon kaoqin Login.action S2-005 RCE 1000
2023/02/17 13:32:29 scanning exp of Harbor Remote Privilege Escalation Vulnerability (CVE-2019-16097) 1000
2023/02/17 13:32:29 scanning exp of Harbor Default Credentials 1000
2023/02/17 13:32:29 scanning exp of Hikvision IP Camera Access Bypass (CVE-2017-7921) 1000
2023/02/17 13:32:29 scanning exp of Hikvision default admin account 1000
2023/02/17 13:32:29 scanning exp of Hongdian H8922 Arbitrary File Read (CVE-2021-28149) 1000
2023/02/17 13:32:29 scanning exp of Hsmedia Hgateway default account 1000
2023/02/17 13:32:29 scanning exp of Hsmedia Hgateway login SQli 1000
2023/02/17 13:32:29 scanning exp of Huawei HG532 Remote Code Execution (CVE-2017-17215) 1000
2023/02/17 13:32:29 scanning exp of Hyperic Default Credentials 1000
2023/02/17 13:32:29 scanning exp of IBM Spectrum Protect Plus hostname RCE (CVE-2020-4211) 1000
2023/02/17 13:32:29 scanning exp of IBM Spectrum Protect Plus npassword RCE (CVE-2020-4210) 1000
2023/02/17 13:32:29 scanning exp of IBM Spectrum Protect Plus password RCE (CVE-2020-4222) 1000
2023/02/17 13:32:29 scanning exp of IBM Spectrum Protect Plus username RCE (CVE-2020-4213) 1000
2023/02/17 13:32:29 scanning exp of IBM Informix Open Admin Tool RCE (CVE-2017-1092) 1000
2023/02/17 13:32:29 scanning exp of JetBrains .idea project directory 1000
2023/02/17 13:32:30 scanning exp of JingHang online marking Arbitrary File Upload 1000
2023/02/17 13:32:30 scanning exp of Jira SSRF in the makeRequest resource (CVE-2019-8451) 1000
2023/02/17 13:32:30 scanning exp of Jira Unauthenticated Popular Filters 1000
2023/02/17 13:32:30 scanning exp of Jira Unauthenticated User Picker 1000
2023/02/17 13:32:30 scanning exp of Jira service desk signup Exposed 1000
2023/02/17 13:32:30 scanning exp of Joomla Core SQL Injection (CVE-2015-7297) 1000
2023/02/17 13:32:30 scanning exp of Joomla content management system com_macgallery plugin database file leaked 1000
2023/02/17 13:32:30 scanning exp of Jupyter-Notebook Unauthorized Access 1000
2023/02/17 13:32:30 scanning exp of Kedacom DVR Access gateway File Read 1000
2023/02/17 13:32:30 scanning exp of kingsoft V8 terminal security system RCE 1000
2023/02/17 13:32:30 scanning exp of Klog Server Unauth RCE(CVE-2020-35729) 1000
2023/02/17 13:32:30 scanning exp of Kong API Gateway Unauthorized (CVE-2020-11710) 1000
2023/02/17 13:32:30 scanning exp of LEMS Power Management System RCE 1000
2023/02/17 13:32:30 scanning exp of LG SuperSign EZ CMS rce 1000
2023/02/17 13:32:30 scanning exp of Landray OA custom.jsp RCE 1000
2023/02/17 13:32:30 scanning exp of Laravel RCE (CVE-2021-3129) 1000
2023/02/17 13:32:30 scanning exp of Liferay Portal Java Unmarshalling via JSONWS RCE (CVE-2020-7961) 1000
2023/02/17 13:32:30 scanning exp of Liferay Portal Unauthenticated 7.2.1 C3P0 Deserialization Vulnerability (CVE-2020-7961) 1000
2023/02/17 13:32:30 scanning exp of Mailgard Firewall default account 1000
2023/02/17 13:32:30 scanning exp of Mailgard Firewall ping function rce 1000
2023/02/17 13:32:30 scanning exp of Zoho ManageEngine Desktop Central 10 getChartImage rce (CVE-2020-10189) 1000
2023/02/17 13:32:30 scanning exp of ManageEngine OpManager Deserialization Vulnerability (CVE-2020-28653) 1000
2023/02/17 13:32:30 scanning exp of ManageEngine OpManager RCE (CVE-2020-28653) 1000
2023/02/17 13:32:30 scanning exp of ManageEngine OpManger arbitrary file read (CVE-2020-12116) 1000
2023/02/17 13:32:30 scanning exp of Marathon unauthorized rce 1000
2023/02/17 13:32:30 scanning exp of MessageSolution EEA info leakage (CNVD-2021-10543) 1000
2023/02/17 13:32:30 scanning exp of Microsoft Exchange Server File Write (CVE-2021-27065) 1000
2023/02/17 13:32:30 scanning exp of Microsoft Exchange Server SSRF (CVE-2021-26855) 1000
2023/02/17 13:32:30 scanning exp of Microsoft SharePoint Server CVE-2019-0604 Remote Code Execution Vulnerability 1000
2023/02/17 13:32:30 scanning exp of Mida eFramework ajaxreq.php RCE(CVE-2020-15920) 1000
2023/02/17 13:32:30 scanning exp of MinIO default account 1000
2023/02/17 13:32:30 scanning exp of Mobinat Wireless Router system_log.cgi RCE 1000
2023/02/17 13:32:30 scanning exp of MySQL Login Bypass Vulnerability (CVE-2012-2122) 1000
2023/02/17 13:32:30 scanning exp of NETENTSEC Internet control gateway default account 1000
2023/02/17 13:32:30 scanning exp of Netentsec NGFW FireWall Anyterm-module RCE 1000
2023/02/17 13:32:30 scanning exp of Netflix Conductor RCE (CVE-2020-9296) 1000
2023/02/17 13:32:30 scanning exp of NETGEAR ProSAFE Plus Switch default admin account rce 1000
2023/02/17 13:32:30 scanning exp of Multiple Netgear Routers Remote Command Injection Vulnerability (CVE-2016-6277) 1000
2023/02/17 13:32:30 scanning exp of OS Command Injection in Nexus Repository Manager 2.x (CVE-2019-5475) 1000
2023/02/17 13:32:30 scanning exp of NexusDB path traversal (CVE-2020-24571) 1000
2023/02/17 13:32:30 scanning exp of Nexus Repository Manager 3 RCE (CVE-2019-7238) 1000
2023/02/17 13:32:30 scanning exp of nostromo nhttpd Directory Traversal Remote Command Execution Vulnerability (CVE-2011-0751) 1000
2023/02/17 13:32:30 scanning exp of NuCom 11N Wireless Router v5.07.90 Remote Privilege Escalation 1000
2023/02/17 13:32:30 scanning exp of OpenSMTPD Remote Code Execution Vulnerability (CVE-2020-7247) 1000
2023/02/17 13:32:30 scanning exp of Opengear default root account 1000
2023/02/17 13:32:30 scanning exp of Oracle Application Server File Read (CVE-2020-14864) 1000
2023/02/17 13:32:30 scanning exp of PHPUnit CVE-2017-9841 Arbitrary Code Execution Vulnerability 1000
2023/02/17 13:32:30 scanning exp of PHP 8.1.0-dev Zerodium Backdoor vulnerabilities 1000
2023/02/17 13:32:30 scanning exp of Pandora FMS SQL Injection (CVE-2021-32099) 1000
2023/02/17 13:32:30 scanning exp of PbootCMS parserIfLabel RCE 1000
2023/02/17 13:32:30 scanning exp of Polycom RMX 1000 Default Credentials 1000
2023/02/17 13:32:30 scanning exp of Polycom RSS 2000 Default Credentials 1000
2023/02/17 13:32:30 scanning exp of Polycom RSS 4000 Default Credentials 1000
2023/02/17 13:32:30 scanning exp of Polycom Web Configuration Utility default admin account rce 1000
2023/02/17 13:32:30 scanning exp of PowerCreator CMS Arbitrary File Upload 1000
2023/02/17 13:32:30 scanning exp of Pulse Secure SSL VPN Arbitrary File Read (CVE-2019-11510) 1000
2023/02/17 13:32:30 scanning exp of Qi'an Xintianqing terminal security management system client_upload_file.json file upload GetShell 1000
2023/02/17 13:32:30 scanning exp of QiAnXin WangShen VPN file upload 1000
2023/02/17 13:32:30 scanning exp of Rainwise IP-100 default admin account 1000
2023/02/17 13:32:31 scanning exp of Rails Asset Pipeline Directory Traversal (CVE-2018-3760) 1000
2023/02/17 13:32:31 scanning exp of File Content Disclosure on Rails (CVE-2019-5418) 1000
2023/02/17 13:32:31 scanning exp of Ruijie EG RCE 1000
2023/02/17 13:32:31 scanning exp of Ruijie EG login.php rce 1000
2023/02/17 13:32:31 scanning exp of Ruijie RG UAC Password leakage 1000
2023/02/17 13:32:31 scanning exp of S2 NetBox RCE 1000
2023/02/17 13:32:31 scanning exp of Sangfor EDR 3.2.21 Arbitrary code execution vulnerability 1000
2023/02/17 13:32:31 scanning exp of SAP NetWeaver Authentication Bypass (CVE-2020-6287) RECON 1000
2023/02/17 13:32:31 scanning exp of SVN repository found 1000
2023/02/17 13:32:31 127.0.0.1:56999 POST /api/v1/getProgress
2023/02/17 13:32:31 scanning exp of SaltStack RCE (CVE-2020-11651) 1000
2023/02/17 13:32:31 scanning exp of SaltStack RCE (CVE-2020-16846) 1000
2023/02/17 13:32:31 scanning exp of Sangfor EDR anyuser login 1000
2023/02/17 13:32:31 scanning exp of Sangfor EDR unauthorized RCE (CNVD-2020-46552) 1000
2023/02/17 13:32:31 scanning exp of Sangfor VDI unauthorized RCE 1000
2023/02/17 13:32:31 scanning exp of Scalar i40 Default Credentials 1000
2023/02/17 13:32:31 scanning exp of Seeyon File Read (CNVD-2020-62422) 1000
2023/02/17 13:32:31 scanning exp of Seeyon OA A8 unauth file upload getshell (CNVD-2021-01627) 1000
2023/02/17 13:32:31 scanning exp of Smarters WEB TV PLAYER player command execution(CVE-2020-9380) 1000
2023/02/17 13:32:31 scanning exp of SolarWinds Orion Local File Disclosure (CVE-2020-10148) 1000
2023/02/17 13:32:31 scanning exp of SonicWall SSL-VPN Unauthorized RCE 1000
2023/02/17 13:32:31 scanning exp of SpringBootAdmin unauthorized access 1000
2023/02/17 13:32:31 scanning exp of SpringBoot Actuator unauthorized access 1000
2023/02/17 13:32:31 scanning exp of Spring Boot 1.5 SnakeYAML RCE 1000
2023/02/17 13:32:31 scanning exp of Spring Cloud Config Server Directory Traversal (CVE-2019-3799) 1000
2023/02/17 13:32:31 scanning exp of Spring Cloud Config Server Directory Traversal (CVE-2020-5410) 1000
2023/02/17 13:32:31 scanning exp of Spring Data Commons RCE (CVE-2018-1273) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-005 RCE (CVE-2010-1870) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-009 RCE (CVE-2011-3923) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-013 RCE (CVE-2013-1966) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-016 RCE (CVE-2013-2251) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-032 RCE (CVE-2016-3081) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-045 RCE (CVE-2017-5638) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-046 RCE (CVE-2017-5638) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts S2-048 RCE (CVE-2017-9791) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts S2-052 RCE (CVE-2017-9805) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts S2-053 RCE (CVE-2017-12611) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-057 RCE (CVE-2018-11776) 1000
2023/02/17 13:32:31 scanning exp of Apache Struts2 S2-061 RCE (CVE-2020-17530) 1000
2023/02/17 13:32:31 scanning exp of SugarCRM REST Unserialize PHP Code Execution 1000
2023/02/17 13:32:31 scanning exp of Supervisor XML-RPC Authenticated Remote Code Execution 1000
2023/02/17 13:32:31 scanning exp of Supervisor default account 1000
2023/02/17 13:32:31 scanning exp of TPShop 3.x SQL Injection 1000
2023/02/17 13:32:31 scanning exp of TP-Link NCxxx Command Injection (CVE-2020-12109) 1000
2023/02/17 13:32:31 scanning exp of TerraMaster TOS RCE (CVE-2020-15568) 1000
2023/02/17 13:32:31 scanning exp of TerraMaster TOS RCE (CVE-2020-28188) 1000
2023/02/17 13:32:31 scanning exp of ThinkPHP 5.x RCE 1000
2023/02/17 13:32:31 scanning exp of Topsec Firewall default account 1000
2023/02/17 13:32:31 scanning exp of Topsec Firewall telnet default account 1000
2023/02/17 13:32:31 scanning exp of unraid 6.8.0 authenticate bypass remote code execution(CVE-2020-5847) 1000
2023/02/17 13:32:31 scanning exp of VMware View Planner RCE (CVE-2021-21978) 1000
2023/02/17 13:32:31 scanning exp of VMware vCenter Arbitrary File Read 1000
2023/02/17 13:32:31 scanning exp of VMware vCenter Server RCE (CVE-2021-21972) 1000
2023/02/17 13:32:31 scanning exp of VMware vSphere Client (HTML5) RCE (CVE-2021-21985) 1000
2023/02/17 13:32:31 scanning exp of Venustech TianYue default account 1000
2023/02/17 13:32:31 scanning exp of VisualSVN Server default account 1000
2023/02/17 13:32:32 scanning exp of weaver e-cology oa system front page sql injection 1000
2023/02/17 13:32:32 scanning exp of Weaver e-Bridge Arbitrary File Download 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA Database config leakage 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA file download (CNVD-2019-29900) 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA file read (CNVD-2019-29902) 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA RCE (CNVD-2019-32204) 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA SQLi (CNVD-2019-34241) 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA XXE 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA apps.ktree.servlet.KtreeUploadAction file upload 1000
2023/02/17 13:32:32 scanning exp of Weaver e-cology OA SQLi 1000
2023/02/17 13:32:32 scanning exp of WebLogic XML External Entity (XXE) Injection (CVE-2019-2647) 1000
2023/02/17 13:32:32 scanning exp of IBM WebSphere Application Server Deserialization RCE (CVE-2020-4450) 1000
2023/02/17 13:32:32 scanning exp of Weblogic 10.3.6.0.0&12.1.3.0.0 jdk 7u21 T3 RCE 1000
2023/02/17 13:32:32 scanning exp of Weblogic IIOP RCE (CVE-2020-2551) 1000
2023/02/17 13:32:32 scanning exp of WebLogic SearchPublicRegistries SSRF(CVE-2014-4210) 1000
2023/02/17 13:32:32 scanning exp of Oracle Weblogic Server Deserialization RCE (CVE-2020-14825) 1000
2023/02/17 13:32:32 scanning exp of Weblogic Secondary Deserialization RCE (CVE-2021-2135) 1000
2023/02/17 13:32:32 scanning exp of WebLogic deserialize AsyncResponseService (CVE-2019-2725) 1000
2023/02/17 13:32:32 scanning exp of Oracle Weblogic Server Deserialization RCE(CVE-2018-2628) 1000
2023/02/17 13:32:32 scanning exp of Weblogic Server RCE (CVE-2021-2109) 1000
2023/02/17 13:32:32 scanning exp of Weblogic ReflectionExtractor RCE (CVE-2020-2555) 1000
2023/02/17 13:32:32 scanning exp of Oracle WebLogic Unauthenticated Takeover (CVE-2020-14883) 1000
2023/02/17 13:32:32 scanning exp of Oracle WebLogic Unauthenticated RCE (CVE-2020-14882/CVE-2020-14750) 1000
2023/02/17 13:32:32 scanning exp of Oracle WebLogic Server Remote Security Vulnerability (CVE-2017-10271&CVE-2017-3506) 1000
2023/02/17 13:32:32 scanning exp of Webmin RCE (CVE-2019-15107) 1000
2023/02/17 13:32:32 scanning exp of Western Digital My Cloud's snmp_mgr.cgi file multiple parameter command execution 1000
2023/02/17 13:32:32 scanning exp of WordPress Email Subscribers and Newsletters 4.2.3 User Information Disclosure (CVE-2019-19985) 1000
2023/02/17 13:32:32 scanning exp of Xerox ApeosPort default admin account 1000
2023/02/17 13:32:32 scanning exp of Xerox DocuCentre default admin account 1000
2023/02/17 13:32:32 scanning exp of Xerox WorkCentre default admin account 1000
2023/02/17 13:32:32 scanning exp of Yonyou GRP-U8 RCE with SQLi 1000
2023/02/17 13:32:32 scanning exp of Yonyou NC Arbitrary File Include 1000
2023/02/17 13:32:32 scanning exp of Yonyou NC dcupdateService Deserialization RCE 1000
2023/02/17 13:32:32 scanning exp of Yonyou NC RCE with file upload 1000
2023/02/17 13:32:32 scanning exp of Yonyou U8-OA RCE with SQLi 1000
2023/02/17 13:32:32 scanning exp of Yonyou TurboCRM strresview sqli 1000
2023/02/17 13:32:32 scanning exp of ZOHO ManageEngine Password Manager Pro Deserialization Vulnerability 1000
2023/02/17 13:32:32 scanning exp of ZTE WLAN Controller SQLi to get admin password 1000
2023/02/17 13:32:32 scanning exp of Zabbix default account 1000
2023/02/17 13:32:32 scanning exp of Zeroshell RCE (CVE-2019-12725) 1000
2023/02/17 13:32:32 scanning exp of Zimbra XXE (CVE-2019-9670) 1000
2023/02/17 13:32:32 scanning exp of Zkteco Shiro Deserialization Vulnerability 1000
2023/02/17 13:32:32 scanning exp of Undocumented user account in Zyxel products 1000
2023/02/17 13:32:32 scanning exp of adslr router default password 1000
2023/02/17 13:32:32 scanning exp of AMTT eFlow HiBOS server Ping Command Injection 1000
2023/02/17 13:32:32 scanning exp of BT Control Panel Unauthorized Access 1000
2023/02/17 13:32:32 scanning exp of cacti default account 1000
2023/02/17 13:32:32 scanning exp of cisco prime infrastructure unauthorized RCE(CVE-2019-1821) 1000
2023/02/17 13:32:32 scanning
exp of cobaltstrike backdoor 1000 2023/02/17 13:32:32 scanning exp of dahua dvr config backdoor 1000 2023/02/17 13:32:32 scanning exp of docker unauthorized 1000 2023/02/17 13:32:32 scanning exp of Alibaba Druid unauthorized access 1000 2023/02/17 13:32:32 scanning exp of ESAFENET CDG arbitrary file download (CVE-2019-9632) 1000 2023/02/17 13:32:32 scanning exp of ESAFENET DLP SystemConfig Default Password 1000 2023/02/17 13:32:32 scanning exp of ESAFENET DLP logincontroller Default Password 1000 2023/02/17 13:32:32 scanning exp of ftp weak password 1000 2023/02/17 13:32:32 scanning exp of Red Hat Jboss Enterprise Application Platform CVE-2017-12149 Remote Code Execution Vulnerability 1000 2023/02/17 13:32:32 scanning exp of Multiple RedHat JBoss Products CVE-2015-7501 Remote Code Execution Vulnerability 1000 2023/02/17 13:32:32 scanning exp of Red Hat Jboss Application Server CVE-2017-7504 Remote Code Execution Vulnerability 1000 2023/02/17 13:32:32 scanning exp of Jenkins Multiple Security Vulnerabilities 1000 2023/02/17 13:32:32 scanning exp of Jenkins unauthenticated RCE (CVE-2017-1000353) 1000 2023/02/17 13:32:32 scanning exp of Jenkins Script Security and Pipeline RCE(CVE-2019-1003000) 1000 2023/02/17 13:32:32 scanning exp of jenkins unauthorized getshell 1000 2023/02/17 13:32:32 scanning exp of Kibana unauthorized 1000 2023/02/17 13:32:32 scanning exp of landray OA arbitrary file read 1000 2023/02/17 13:32:32 scanning exp of lanproxy Directory Traversal (CVE-2021-3019) 1000 2023/02/17 13:32:32 scanning exp of Leagsoft UniNAC file upload RCE 1000 2023/02/17 13:32:32 scanning exp of memcached unauthorized 1000 2023/02/17 13:32:32 scanning exp of Metinfo met_download_list SQL time delay injection 1000 2023/02/17 13:32:32 scanning exp of ACME mini_httpd Arbitrary File Read (CVE-2018-18778) 1000 2023/02/17 13:32:32 scanning exp of mobotix default account 1000 2023/02/17 13:32:32 scanning exp of mongo-express rce(CVE-2019-10758) 1000 2023/02/17 13:32:32 scanning 
exp of MongoDB unauthorized 1000 2023/02/17 13:32:32 scanning exp of MsSQL weak password 1000 2023/02/17 13:32:32 scanning exp of Hardcoded FTP username of myscada(CVE-2018-11311) 1000 2023/02/17 13:32:32 scanning exp of MySQL weak password 1000 2023/02/17 13:32:33 scanning exp of Nexus Repository Manager 2 default account 1000 2023/02/17 13:32:33 scanning exp of NSFOCUS next-generation firewall default password 1000 2023/02/17 13:32:33 scanning exp of NSFOCUS UTS Account Password Disclosure 1000 2023/02/17 13:32:33 scanning exp of phpLDAPadmin default account 1000 2023/02/17 13:32:33 scanning exp of PHPStudy Backdoor Remote Code execution 1000 2023/02/17 13:32:33 scanning exp of PostgreSQL weak password 1000 2023/02/17 13:32:33 scanning exp of RDP weak password 1000 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x2 pc=0x100d65141]

goroutine 10036 [running]:
git.gobies.org/goby/goscanner/jsonvul/protocols/grdp/protocol/t125.(*MCSClient).recvChannelJoinConfirm(0xc00414d770, {0xc005dd2db3, 0x8, 0x8})
    git.gobies.org/goby/goscanner@v0.0.0-20230112103931-355316a95d34/jsonvul/protocols/grdp/protocol/t125/mcs.go:513 +0x581
reflect.Value.call({0x101af37c0?, 0xc00253a430?, 0x13?}, {0x101e11bfa, 0x4}, {0xc002430168, 0x1, 0x1?})
    reflect/value.go:556 +0x845
reflect.Value.Call({0x101af37c0?, 0xc00253a430?, 0x10?}, {0xc002430168, 0x1, 0x1})
    reflect/value.go:339 +0xbf
git.gobies.org/goby/goscanner/jsonvul/protocols/grdp/emission.(*Emitter).callListeners.func1({0x101af37c0?, 0xc00253a430?, 0xc005dd2d7a?})
    git.gobies.org/goby/goscanner@v0.0.0-20230112103931-355316a95d34/jsonvul/protocols/grdp/emission/emitter.go:226 +0x430
created by git.gobies.org/goby/goscanner/jsonvul/protocols/grdp/emission.(*Emitter).callListeners
    git.gobies.org/goby/goscanner@v0.0.0-20230112103931-355316a95d34/jsonvul/protocols/grdp/emission/emitter.go:201 +0x20f

gobysec commented 1 year ago

Please check whether there is enough memory available. If that does not resolve it, please contact us on WeChat: gobyteam

gobysec commented 11 months ago

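This issue has been fixed, and the fix has been released in the latest version. If it is urgent, you can contact us on WeChat (gobyteam) and we will help you resolve it! Thank you for your feedback and support~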