Port 3000 Details

known port assignments and vulnerabilities

threat/application/port search:

Port(s)	Protocol	Service	Details	Source
3000	tcp	various	AdGuard Home Web Interface Ruby on Rails applications default port NodeJS MDaemon WorldClient Rocket Chat NodeJS Calista IP Phone (TCP/UDP) GOGS (self-hosted GIT service) Grafana (default http port) Miralix License server mObywatel (mobile personal id documents app) Viewgate Classic DVR Games: Homeworld, Destroyer Command (TCP/UDP), Theef, Silent Hunter II (TCP/UDP), Active Worlds File Transfer (TCP/UDP) Malware that uses this port: Remote Shutdown, InetSpy, rocket.chat Incorrect Authorization Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of rocket.chat. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web service, which listens on TCP port 3000 by default. Reference: [CVE-2025-7974] Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to the Worldclient service at port 3000, or the Webconfig service at port 3001. References: [CVE-2001-0583] [BID-2478] WDaemon 9.5.4 allows remote attackers to access the /WorldClient.dll URI on TCP port 3000, which has unknown impact. NOTE: The researcher reports that the vendor response was "this is not a security bug." References: [CVE-2007-0383] [OSVDB-34661] Multiple stack-based buffer overflows in pdmwService.exe in SolidWorks Workgroup PDM 2014 SP2 allow remote attackers to execute arbitrary code via a long string in a opcode to port 3000. References: [CVE-2014-100014] Backdoor.Win32.Buterat.cxq / Insecure Permissions EoP - this malware creates an insecure dir under c: drive named "process", where it drops a random named executable and later moves it to C:Users[VICTIM]AppDataLocalTemp where it sends SYN packets to TCP port 3000. The process dir grants change (C) permissions to the authenticated users group. References: [MVID-2021-0063] Cloud9 Integrated Development Environment server (IANA official)	SG
3000	udp	btsync	BitTorrent Sync (BTsync) uses port 3000 UDP to connect to torrent trackers. It also uses another configurable random UDP listen port (and/or UPnP). Distributed Interactive Simulation (DIS) default port (unofficial) Calista IP Phone, VidPhone Trend Micro Antivirus products may use port 3000 UDP to communicate with their servers. Some games use this port: Homeworld, Destroyer Command (TCP/UDP), Theef, Silent Hunter II (TCP/UDP), Active Worlds File Transfer (TCP/UDP)	SG
3000	tcp		Miralix License server (unofficial)	Wikipedia
3000	udp		Distributed Interactive Simulation (DIS), modifiable default (unofficial)	Wikipedia
3000	tcp	trojan	InetSpy, Remote Shut, Theef	Trojans
3000	tcp	InetSpy	[trojan] InetSpy	SANS
3000	tcp	ppp	User-level ppp daemon	SANS
3000	tcp	RemoteShut	[trojan] Remote Shut	SANS
3000	tcp,udp	remoteware-cl	RemoteWare Client	SANS
3000,5670,7777,7000-7100	tcp	applications	Active Worlds	Portforward
3000	tcp	applications	Active Worlds File Transfer	Portforward
3000	udp	applications	Calista IP Phone	Portforward
3000	tcp,udp	applications	Destroyer Command	Portforward
3000,3105	tcp,udp	applications	Settlers 4	Portforward
80,3000-3007,8800	tcp,udp	applications	Talon DVR	Portforward
3000,18075	udp	applications	Timespliters Future Perfect	Portforward
3000-3005	tcp,udp	applications	VidPhone	Portforward
3000	tcp	ppp	User-level ppp daemon, or chili!soft asp	Nmap
3000	tcp	threat	W32.Mimail	Bekkoame
3000	tcp,udp	threat	FirstClass	Bekkoame
3000	tcp,udp	threat	MDaemon 3.1.1 Webconfig	Bekkoame
3000	tcp,udp	hbci	HBCI	IANA
3000	tcp,udp	remoteware-cl	RemoteWare Client	IANA
3000-3005	tcp,udp	applications	VidPhone	Portforward

24 records found

Related ports: 3003 3007 15400 15401 5000