|
Port 49152 Details
known port assignments and vulnerabilities
threat/application/port search:
Port(s) |
Protocol |
Service |
Details |
Source |
49152 |
tcp,udp |
applications |
As the first port in the dynamic/private range (49152-65535), this port is commonly used by applications that utilize a dynamic/random/configurable port.
Many embedded Linux based systems (i.e. home routers, remote management devices, IP cameras) have UPnP enabled, broadcasting their kernel version and hardware architecture over port 49152.
Some P2P torernt clients often use this port: uTorrent, Azureus/Vuze, etc.
Older IPMI firmware versions reveal cleartext login credentials over UDP port 49152.
Apple AirPlay dynamic mirroring TCP port.
YotaPhone 2 opens port 49152.
Apple Xsan Filesystem Access uses the dynamic/private range 49152-65535.
Xsan (Apple's storage area network, or clustered filesystem for macOS) uses these ports:
311 TCP - Xsan secure server administration (server app, xsan server admin, workgroup manager, server monitor)
312 TCP - Xsan administration
626 UDP - server serial number registration (Xsan, Mac OS X Server v10.3 – v10.6)
49152-65535 TCP - Xsan Filesystem Access
Microsoft Lync server uses these ports:
444, 445, 448, 881, 5041, 5060 - 5087, 8404 TCP
80, 135, 443, 4443, 8060, 8061, 8080 TCP - standard ports and HTTP(s) traffic
1434 UDP - SQL
49152-57500 TCP/UDP - media ports
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01 followed by other predictable values.
References: [CVE-2017-14117], [BID-100585]
The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users easily. The attackers can exploit the vulnerability to carry out arbitrary code by means of sending a specially constructed payload to port 49152.
References: [CVE-2022-30521] |
SG
|
42800, 49152-49172, 49272-49292 |
udp |
applications |
Titan Quest |
Portforward
|
|
2 records found
Related ports: 311 312 626 6881 45100 45682 61001 65535
|