Open dale915 opened 2 weeks ago
This is not issues but to understand reports. Here is one of my scans report :
{ "scanstats_elapsed": "140.04", "ports": [ 80, 443 ], "osmatch": "Linux 4.0", "osname": "linux", "service_details": { "80": { "name": "http", "product": "Apache httpd", "version": "", "extrainfo": "", "cpe": "cpe:/a:apache:http_server", "exploits": [ "linux/http/ivanti_sentry_misc_log_service", "linux/http/linksys_wvbr0_user_agent_exec_noauth", "multi/http/sflog_upload_exec", "linux/http/piranha_passwd_exec", "unix/http/vmturbo_vmtadmin_exec_noauth", "multi/http/makoserver_cmd_exec", "unix/webapp/webtester_exec", "linux/http/webcalendar_settings_exec", "unix/webapp/cacti_graphimage_exec", "unix/webapp/nagios3_history_cgi", "multi/http/horde_href_backdoor", "unix/sonicwall/sonicwall_xmlrpc_rce", "linux/http/vmware_nsxmgr_xstream_rce_cve_2021_39144", "linux/http/symantec_web_gateway_exec", "linux/http/zyxel_ztp_rce", "linux/http/f5_icontrol_rpmspec_rce_cve_2022_41800", "multi/http/nostromo_code_exec", "linux/http/php_imap_open_rce", "multi/http/fortra_goanywhere_mft_rce_cve_2024_0204", "unix/http/pihole_whitelist_exec", "multi/http/phpfilemanager_rce", "unix/webapp/openmediavault_rpc_rce", "linux/http/wd_mycloud_unauthenticated_cmd_injection", "unix/ftp/proftpd_modcopy_exec", "linux/http/linuxki_rce", "multi/http/opmanager_sumpdu_deserialization", "linux/http/netgear_r7000_cgibin_exec", "linux/http/opentsdb_yrange_cmd_injection", "linux/http/axis_srv_parhand_rce", "unix/http/quest_kace_systems_management_rce", "unix/webapp/actualanalyzer_ant_cookie_exec", "unix/webapp/twiki_search", "linux/http/f5_bigip_tmui_rce_cve_2023_46747", "linux/http/linksys_e1500_apply_exec", "multi/http/wp_plugin_fma_shortcode_unauth_rce", "linux/http/cisco_asax_sfr_rce", "unix/webapp/twiki_maketext", "multi/http/stunshell_exec", "linux/http/smt_ipmi_close_window_bof", "linux/http/lexmark_faxtrace_settings", "linux/http/cisco_hyperflex_hx_data_platform_cmd_exec", "linux/http/panos_telemetry_cmd_exec", "linux/http/solarview_unauth_rce_cve_2023_23333", "linux/http/flir_ax8_unauth_rce_cve_2022_37061", "linux/http/linear_emerge_unauth_rce_cve_2019_7256", "unix/webapp/barracuda_img_exec", "unix/webapp/rconfig_install_cmd_exec", "linux/http/dlink_dcs931l_upload", "multi/http/mutiny_subnetmask_exec", "unix/webapp/zeroshell_exec", "unix/webapp/drupal_drupalgeddon2", "unix/webapp/havalite_upload_exec", "linux/http/optergy_bms_backdoor_rce_cve_2019_7276", "unix/webapp/awstats_migrate_exec", "unix/webapp/vicidial_manager_send_cmd_exec", "multi/http/v0pcr3w_exec", "multi/realserver/describe", "unix/webapp/google_proxystylesheet_exec", "linux/http/dlink_dwl_2600_command_injection", "multi/http/atlassian_confluence_rce_cve_2023_22527", "linux/http/vmware_vrni_rce_cve_2023_20887", "multi/http/wp_backup_migration_php_filter", "linux/http/tp_link_sc2020n_authenticated_telnet_injection", "multi/http/openmediavault_cmd_exec", "linux/http/nginx_chunked_size", "linux/http/cacti_unauthenticated_cmd_injection", "unix/webapp/projectpier_upload_exec", "linux/http/netgear_unauth_exec", "linux/http/netgear_dnslookup_cmd_exec", "unix/webapp/coppermine_piceditor", "unix/webapp/awstats_configdir_exec", "multi/http/gitorious_graph", "unix/webapp/php_xmlrpc_eval", "multi/http/mobilecartly_upload_exec", "linux/http/f5_icontrol_rce", "linux/http/librenms_collectd_cmd_inject", "linux/http/panos_op_cmd_exec", "linux/http/vmware_vcenter_vsan_health_rce", "linux/http/huawei_hg532n_cmdinject", "linux/http/terramaster_unauth_rce_cve_2021_45837", "unix/http/pfsense_pfblockerng_webshell", "multi/http/gitlab_shell_exec", "linux/http/ddwrt_cgibin_exec", "multi/php/ignition_laravel_debug_rce", "multi/http/auxilium_upload_exec", "linux/http/wanem_exec", "multi/http/coldfusion_rds_auth_bypass", "linux/http/fortinac_keyupload_file_write", "linux/http/elfinder_archive_cmd_injection", "linux/http/cayin_cms_ntp", "linux/http/vmware_workspace_one_access_cve_2022_22954", "linux/misc/cisco_ios_xe_rce", "multi/http/jenkins_script_console", "linux/http/advantech_switch_bash_env_exec", "linux/http/axis_app_install", "multi/http/mirth_connect_cve_2023_43208", "linux/http/zabbix_sqli", "linux/http/rconfig_ajaxarchivefiles_rce", "linux/http/hikvision_cve_2021_36260_blind", "multi/http/tomcat_mgr_deploy", "multi/http/vbulletin_widgetconfig_rce", "multi/http/maracms_upload_exec", "multi/http/phptax_exec", "multi/http/spring_cloud_function_spel_injection", "linux/http/dlink_dcs_930l_authenticated_remote_command_execution", "multi/wyse/hagent_untrusted_hsdata", "multi/http/familycms_less_exec", "linux/http/dreambox_openpli_shell", "linux/http/vmware_vcenter_analytics_file_upload", "multi/http/sonicwall_gms_upload", "unix/webapp/php_charts_exec", "linux/http/geutebruck_testaction_exec", "linux/http/dolibarr_cmd_exec", "linux/http/groundwork_monarch_cmd_exec", "multi/http/novell_servicedesk_rce", "linux/http/railo_cfml_rfi", "multi/http/atlassian_confluence_namespace_ognl_injection", "linux/http/symantec_web_gateway_pbcontrol", "linux/http/froxlor_log_path_rce", "linux/misc/zyxel_multiple_devices_zhttp_lan_rce", "linux/http/ivanti_connect_secure_rce_cve_2024_21893", "unix/webapp/libretto_upload_exec", "linux/http/dnalims_admin_exec", "unix/http/laravel_token_unserialize_exec", "unix/http/raspap_rce", "unix/webapp/openview_connectednodes_exec", "unix/webapp/trixbox_ce_endpoint_devicemap_rce", "unix/webapp/narcissus_backend_exec", "multi/http/ajaxplorer_checkinstall_exec", "multi/http/simple_backdoors_exec", "multi/http/atlassian_confluence_webwork_ognl_injection", "unix/webapp/skybluecanvas_exec", "linux/http/lucee_admin_imgprocess_file_write", "linux/http/watchguard_firebox_unauth_rce_cve_2022_26318", "linux/http/linksys_apply_cgi", "multi/http/sugarcrm_webshell_cve_2023_22952", "multi/http/oracle_reports_rce", "unix/webapp/tikiwiki_jhot_exec", "linux/http/sonicwall_cve_2021_20039", "multi/http/gitlab_exif_rce", "unix/webapp/aerohive_netconfig_lfi_log_poison_rce", "unix/http/lifesize_room", "linux/http/tp_link_ncxxx_bonjour_command_injection", "linux/http/qnap_qts_rce_cve_2023_47218", "unix/webapp/mitel_awc_exec", "linux/http/majordomo_cmd_inject_cve_2023_50917", "linux/http/linksys_wrt110_cmd_exec", "unix/http/pihole_dhcp_mac_exec", "linux/http/klog_server_authenticate_user_unauth_command_injection", "unix/http/splunk_xslt_authenticated_rce", "multi/http/zabbix_script_exec", "unix/webapp/awstatstotals_multisort", "linux/http/nagios_xi_configwizards_authenticated_rce", "linux/http/ivanti_connect_secure_rce_cve_2023_46805", "unix/http/pfsense_diag_routes_webshell", "linux/http/xplico_exec", "linux/http/grandstream_gxv31xx_settimezone_unauth_cmd_exec", "unix/webapp/phpbb_highlight", "multi/http/snortreport_exec", "linux/http/nagios_xi_chained_rce", "unix/webapp/zoneminder_snapshots", "linux/http/grandstream_ucm62xx_sendemail_rce", "linux/misc/cve_2021_38647_omigod", "unix/webapp/vicidial_user_authorization_unauth_cmd_exec", "linux/upnp/dlink_dir859_subscribe_exec", "multi/http/moodle_spelling_binary_rce", "unix/http/pfsense_config_data_exec", "linux/http/spring_cloud_gateway_rce", "linux/http/netgear_dgn1000_setup_unauth_exec", "multi/http/movabletype_upgrade_exec", "linux/http/esva_exec", "unix/webapp/spip_rce_form", "linux/http/dlink_diagnostic_exec_noauth", "multi/http/tomcat_mgr_upload", "multi/http/apache_apisix_api_default_token_rce", "unix/webapp/basilic_diff_exec", "linux/http/sophos_utm_webadmin_sid_cmd_injection", "multi/http/wp_db_backup_rce", "unix/webapp/zoneminder_packagecontrol_exec", "linux/http/wipg1000_cmd_injection", "linux/http/craftcms_unauth_rce_cve_2023_41892", "linux/http/cisco_hyperflex_file_upload_rce", "multi/http/shiro_rememberme_v124_deserialize", "multi/http/horizontcms_upload_exec", "multi/http/coldfusion_ckeditor_file_upload", "multi/http/monitorr_webshell_rce_cve_2020_28871", "unix/webapp/graphite_pickle_exec", "linux/http/qnap_qcenter_change_passwd_exec", "linux/http/trueonline_billion_5200w_rce", "linux/http/progress_kemp_loadmaster_unauth_cmd_injection", "unix/webapp/nagios3_statuswml_ping", "multi/http/zemra_panel_rce", "linux/http/wepresent_cmd_injection", "linux/http/pandora_fms_events_exec", "linux/http/centreon_sqli_exec", "linux/http/glinet_unauth_rce_cve_2023_50445", "multi/http/manageengine_servicedesk_plus_saml_rce_cve_2022_47966", "unix/webapp/generic_exec", "linux/http/netgear_dgn1000b_setup_exec", "multi/http/rails_double_tap", "linux/http/dlink_command_php_exec_noauth", "unix/webapp/freepbx_config_exec", "unix/webapp/twiki_history", "unix/webapp/guestbook_ssi_exec", "linux/http/zimbra_xxe_rce", "linux/http/suitecrm_log_file_rce", "linux/http/dlink_hnap_login_bof", "unix/webapp/opennetadmin_ping_cmd_injection", "unix/webapp/hastymail_exec", "linux/http/vmware_workspace_one_access_vmsa_2022_0011_chain", "multi/http/spree_search_exec", "linux/http/cisco_rv340_lan", "linux/http/github_enterprise_secret", "linux/http/symmetricom_syncserver_rce", "linux/http/totolink_unauth_rce_cve_2023_30013", "linux/http/trendmicro_sps_exec", "linux/http/cisco_rv_series_authbypass_and_rce", "linux/http/pulse_secure_gzip_rce", "multi/http/gambio_unauth_rce_cve_2024_23759", "linux/http/sourcegraph_gitserver_sshcmd", "linux/http/artica_proxy_auth_bypass_service_cmds_peform_command_injection", "multi/http/connectwise_screenconnect_rce_cve_2024_1709", "linux/http/geutebruck_cmdinject_cve_2021_335xx", "multi/http/wp_royal_elementor_addons_rce", "linux/http/trueonline_p660hn_v1_rce", "linux/http/glpi_htmlawed_php_injection", "unix/webapp/drupal_coder_exec", "multi/http/kong_gateway_admin_api_rce", "unix/http/contentkeeperweb_mimencode", "unix/webapp/sixapart_movabletype_storable_exec", "linux/http/artica_proxy_unauth_rce_cve_2024_2054", "unix/webapp/jquery_file_upload", "linux/http/kafka_ui_unauth_rce_cve_2023_52251", "unix/webapp/foswiki_maketext", "linux/http/terramaster_unauth_rce_cve_2022_24990", "unix/http/dell_kace_k1000_upload", "multi/http/gestioip_exec", "linux/http/chamilo_unauth_rce_cve_2023_34960", "windows/http/zenworks_uploadservlet", "linux/http/dlink_dir850l_unauth_exec", "linux/http/linksys_themoon_exec", "multi/http/spree_searchlogic_exec", "multi/http/vbulletin_widget_template_rce", "linux/http/goahead_ldpreload", "linux/http/cve_2019_1663_cisco_rmi_rce", "linux/http/dlink_dir615_up_exec", "linux/http/gitlist_exec", "linux/http/ivanti_csa_unauth_rce_cve_2021_44529", "unix/webapp/dogfood_spell_exec", "unix/webapp/redmine_scm_exec", "linux/http/magnusbilling_unauth_rce_cve_2023_30258", "unix/webapp/php_vbulletin_template", "multi/http/nuuo_nvrmini_upgrade_rce", "linux/http/netgear_wnr2000_rce", "linux/http/webmin_package_updates_rce", "multi/http/wp_bricks_builder_rce", "linux/http/dlink_dir300_exec_telnet", "linux/http/mutiny_frontend_upload", "multi/http/atutor_upload_traversal", "linux/http/terramaster_unauth_rce_cve_2020_35665", "multi/http/sonicwall_scrutinizer_methoddetail_sqli", "linux/http/cpi_tararchive_upload", "linux/http/mvpower_dvr_shell_exec", "linux/http/geutebruck_instantrec_bof" ] }, "443": { "name": "https", "product": "", "version": "", "extrainfo": "", "cpe": "", "exploits": [ "linux/http/ibm_qradar_unauth_rce", "linux/http/imperva_securesphere_exec", "linux/http/alienvault_sqli_exec", "linux/http/cisco_ucs_rce", "linux/http/vmware_vrops_mgr_ssrf_rce", "multi/http/zenworks_control_center_upload", "multi/http/op5_welcome", "linux/http/vmware_vrli_rce", "multi/http/trendmicro_threat_discovery_admin_sys_time_cmdi", "linux/http/cisco_ucs_cloupia_script_rce", "unix/http/pfsense_group_member_exec", "linux/http/riverbed_netprofiler_netexpress_exec", "linux/http/ueb_api_rce", "linux/http/f5_icontrol_rest_ssrf_rce", "linux/http/sophos_wpa_sblistpack_exec", "multi/http/op5_license", "linux/http/vinchin_backup_recovery_cmd_inject", "linux/http/ubiquiti_airos_file_upload", "linux/http/mobileiron_mdm_hessian_rce", "linux/http/roxy_wi_exec", "unix/webapp/citrix_access_gateway_exec", "linux/http/goautodial_3_rce_command_injection", "linux/http/cisco_prime_inf_rce", "linux/http/f5_icall_cmd", "linux/http/lifesize_uvc_ping_rce", "linux/http/op5_config_exec", "linux/http/panos_readsessionvars", "linux/http/accellion_fta_getstatus_oauth", "linux/http/f5_icontrol_exec" ] } } }
Can someone give me some interpretation ?. The exploits listed are the vulnerabilities exploits or just the possible vulnerabilities exploits ?
This is not issues but to understand reports. Here is one of my scans report :
Can someone give me some interpretation ?. The exploits listed are the vulnerabilities exploits or just the possible vulnerabilities exploits ?