|
Port 8001 Details
known port assignments and vulnerabilities
threat/application/port search:
| Port(s) |
Protocol |
Service |
Details |
Source |
| 8001 |
tcp |
fortinet |
squid HTTP Proxy server scan
Imperio also uses this port
Fortinet FortiGate uses the following ports (in addition to standard ports 53, 80, 443):
514 tcp - FortiAP logging and reporting
541 tcp, 542 tcp - FortiGuard management
703 tcp/udp. 730 udp - FortiGate heartbeat
1000 tcp, 1003 tcp - policy override keepalive
1700 tcp - FortiAuthenticator RADIUS disconnect
5246 udp - FortiAP-S event logs
8000, 8001 tcp - FortiClient SSO mobility agent
8008, 8010 tcp - policy override authentication
8013 tcp - FortiClient v.5.4
8014 tcp - Forticlient v.6
8890 tcp - AV/IPS updates, management, firmware
9443 udp - AV/IPS
9582 tcp - FortiGuard Cloud App DB (flow.fortinet.net)
Backdoor.Graybird.D [Symantec-2003-062811-4412-99] is a variant of Backdoor.Graybird. This Trojan Horse gives its creator unauthorized access to your computer. The existence of the file, Svch0st.exe, is an indication of a possible infection.
Directory traversal vulnerability in WellinTech KingView 6.53 allows remote attackers to read arbitrary files via a crafted HTTP request to port 8001.
References: [CVE-2012-2560]
Stack-based buffer overflow in db_netserver in Lianja SQL Server before 1.0.0RC5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted string to TCP port 8001.
References: [CVE-2013-3563]
Backdoor.Win32.Hupigon.adef / Remote Stack Buffer Overflow - Backdoor Hupigon (Cracked by bartchen) bartchen () vip sina com, listens on TCP ports 8001,8002,8003,8004 and 8005. Sending a large contaminated HTTP POST request to the target on port 8002 results in a buffer overflow overwriting the instruction pointer (EIP).
References: [MVID-2021-0045]
Calero VeraSMART versions prior to 2022 R1 expose an unauthenticated .NET Remoting HTTP service on TCP port 8001. The service publishes default ObjectURIs (including EndeavorServer.rem and RemoteFileReceiver.rem) and permits the use of SOAP and binary formatters with TypeFilterLevel set to Full. An unauthenticated remote attacker can invoke the exposed remoting endpoints to perform arbitrary file read and write operations via the WebClient class. This allows retrieval of sensitive files such as WebRoot\web.config, which may disclose IIS machineKey validation and decryption keys. An attacker can use these keys to generate a malicious ASP.NET ViewState payload and achieve remote code execution within the IIS application context. Additionally, supplying a UNC path can trigger outbound SMB authentication from the service account, potentially exposing NTLMv2 hashes for relay or offline cracking.
References: [CVE-2026-26333]
IANA registered for: VCOM Tunnel |
SG
|
| 8001 |
tcp |
|
Commonly used for internet radio streams such as those using SHOUTcast (unofficial) |
Wikipedia
|
| 8000-8001 |
tcp |
applications |
Icecast |
Portforward
|
| 8001,8101-8104 |
tcp |
applications |
Richard Garriots Tabula Rasa |
Portforward
|
| 8000-8001 |
tcp,udp |
applications |
ShoutCast |
Portforward
|
| 8000-8001,8888 |
tcp,udp |
applications |
Well of Souls with MIX |
Portforward
|
| 8000-8001 |
tcp |
applications |
Winamp Audio Streaming |
Portforward
|
| 8001 |
tcp,udp |
vcom-tunnel |
VCOM Tunnel. Known Unauthorized Use on port 8001 |
IANA
|
|
8 records found
Related ports: 555 2001 5678 8000 8002 8003 8004 8005 8008 8010
|