Shortcuts
|
Vulnerable Ports
This list (a very small part of our SG Ports database) includes TCP/UDP ports currently tested by our Security Scanner, and corresponding potential security threats.
We update the list on a regular basis, however if you feel we should add other port(s) to the list or modify their descriptions, please .
Any feedback and suggestions can also be posted to our Security forum.
| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 6768 |
tcp |
applications |
not scanned |
BMC PATROL Agent Service Daemon 'BGS_MULTIPLE_READS' Command Remote Code Execution Vulnerability
References: [CVE-2011-0975], [BID-46151] |
| 6771 |
tcp |
trojans |
Premium scan |
DeepThroat, Foreplay, Reduced Foreplay |
| 6771 |
udp |
applications |
not scanned |
BitTorrent Local Peer Discovery, Polycom server broadcast |
| 6776 |
tcp |
trojans |
Members scan |
RAT (remote administration tool)
Trojans that use this port: 2000 Cracks, SubSeven/BackDoor-G, VP Killer |
| 6777 |
tcp,udp |
applications |
Premium scan |
BlackSite - Area 51
Trojans using this port: W32.Gaobot, W32/Bagle@MM [Symantec-2004-011815-3332-99]
Backdoor.Win32.IRCBot.gen / Unauthenticated Remote Command Execution - the malware listens on TCP port 6777. Third-party attackers who can reach infected systems can execute commands. Commands must be wrapped in quotes or it will fail.
References: [MVID-2021-0300]
IANA registered for: netTsunami Tracker (TCP) |
| 6778 |
tcp |
applications |
not scanned |
The OmniSwitch 7700/7800 running Alcatel Operating System (AOS) version 5.1.1 has TCP port 6778 listening as a telnet server. This gives anyone access to the OmniSwitch's Vx-Works operating system without requiring a password. This backdoor compromises the entire system.
References: [CVE-2002-1272], [BID-6220]
IANA registered for: netTsunami p2p storage system (TCP) |
| 6783 |
tcp |
applications |
not scanned |
Splashtop Remote |
| 6784 |
tcp |
applications |
not scanned |
Splashtop Remote |
| 6784 |
udp |
bfd-lag |
not scanned |
Bidirectional Forwarding Detection (BFD) on Link Aggregation Group (LAG) Interfaces [IESG] (IANA official) [RFC 7130] |
| 6785 |
tcp |
applications |
not scanned |
Splashtop Remote |
| 6786 |
tcp,udp |
smc-jmx |
not scanned |
Sun Java Web Console JMX |
| 6787 |
tcp,udp |
smc-admin |
not scanned |
Sun Web Console Admin |
| 6788 |
tcp,udp |
smc-http |
not scanned |
SMC-HTTP |
| 6789 |
tcp |
trojans |
Premium scan |
Campbell Scientific Loggernet Software
Bucky's Instant Messaging Program
W32.Netsky.T@mm [Symantec-2004-040616-1824-99] (2004.04.06) - a Netsky variant that uses its own SMTP engine to email itself. It has backdoor and DoS (Denial of Service) capabilities. Listens on port 6789/tcp to receive and execute a file from an attacker.
The W32.Netsky.S@mm [Symantec-2004-040512-2436-99] variant opens this port as well.
Doly Trojan also uses port 6789 (TCP).
Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789 and cause a denial of service via an invalid LANG parameter or a long packet that generates a "MemTree overflow."
References: [CVE-2007-2582], [BID-26010]
IANA registered for: GSS-API for Oracle Remote Administration Daemon |
| 6790 |
tcp,udp |
applications |
not scanned |
IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to db2ccs.exe on port 6790, or db2jds.exe on port 6789.
References: [CVE-2001-1143], [BID-3010]
Port is also IANA registered for HNMP |
| 6791 |
tcp,udp |
hnm |
not scanned |
Halcyon Network Manager (IANA official) |
| 6796 |
tcp |
trojan |
Premium scan |
SubSeven [Symantec-2001-020114-5445-99] trojan |
| 6800 |
tcp |
applications |
not scanned |
Resin server, Resin Watchdog |
| 6801 |
tcp,udp |
acnet |
not scanned |
Net2Phone CommCenter
ACNET Control System Protocol (IANA official) |
| 6802 |
tcp,udp |
applications |
not scanned |
iTalkBB |
| 6809 |
tcp,udp |
applications |
not scanned |
cman (cluster manager)
Multiple stack-based buffer overflows in FSD 2.052 d9 and earlier, and FSFDT FSD 3.000 d9 and earlier, allow (1) remote attackers to execute arbitrary code via a long HELP command on TCP port 3010 to the sysuser::exechelp function in sysuser.cc and (2) remote authenticated users to execute arbitrary code via long commands on TCP port 6809 to the servinterface::sendmulticast function in servinterface.cc, as demonstrated by a PIcallsign command.
References: [CVE-2007-5256] [BID-25883] [SECUNIA-27008] |
| 6817 |
tcp |
pentbox-sim |
not scanned |
PenTBox Secure IM Protocol |
| 6831 |
tcp |
swarm |
not scanned |
Ethersphere Swarm (distributed storage and communication system) uses these ports:
6060, 6831 tcp - pprof debugging http server
8500, 8545 tcp - web access http api |
| 6838 |
udp |
trojan |
not scanned |
Mstream trojan
DDOS communication also uses this port. |
| 6868 |
tcp |
trojans |
Premium scan |
Backdoor.Darkmoon [Symantec-2005-081910-3934-99] (2005.08.18) - trojan that opens a backdoor on the compromised computer and has keylogging capabilities. Opens a backdoor and listens for remote commands on ports 6868/tcp and 7777/tcp.
IANA registered for Acctopus Command Channel. |
| 6868 |
udp |
acctopus-st |
not scanned |
Acctopus Status |
| 6869 |
tcp |
applications |
not scanned |
Derandom default server |
| 6877 |
tcp |
applications |
not scanned |
Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. After a client successfully authenticates, they can send plaintext commands to manipulate the device.
References: [CVE-2021-21905]
Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. Every time a user submits a password to the CLI password prompt, the buffer containing their input is passed as the password parameter to the checkPassword function.
References: [CVE-2021-21906] |
| 6881 |
tcp |
applications |
Premium scan |
Games using this port:
Age of Conan
World of Tanks
World of Warcraft (WoW) Downloader
ABC (a.k.a. Yet Another Bittorrent Client), BitTorrent P2P traffic, Azureus P2P traffic (6881-6889) |
| 6882 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889)
Age of Conan game, World of Warcraft (WoW) Downloader |
| 6883 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889)
Age of Conan game, World of Warcraft (WoW) Downloader
Trojans using this port: DeltaSource (TCP) |
| 6884 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889)
Age of Conan game, World of Warcraft (WoW) Downloader |
| 6885 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889)
Age of Conan game, World of Warcraft (WoW) Downloader |
| 6886 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889), GeoVision SMS
Age of Conan game, World of Warcraft (WoW) Downloader |
| 6887 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889)
Age of Conan game, World of Warcraft (WoW) Downloader |
| 6888 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889)
Age of Conan game, World of Warcraft (WoW) Downloader
MUSE (TCP/UDP) [Muse Communications] (IANA official) |
| 6889 |
tcp |
applications |
Premium scan |
BitTorrent P2P traffic, Azureus P2P traffic (6881-6889)
Age of Conan game, World of Warcraft (WoW) Downloader |
| 6891 |
tcp,udp |
applications |
Premium scan |
BitTorrent, Windows Live Messenger, MSN Messenger
Trojans using this port: Force (6891/tcp only)
aMSN (aka Alvaro's Messenger) allows remote attackers to cause a denial of service (client hang and termination of client's instant-messaging session) by repeatedly sending crafted data to the default file-transfer port (TCP 6891).
References: [CVE-2006-0138] |
| 6892 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger |
| 6893 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger |
| 6894 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger (File transfer) |
| 6895 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger (File transfer) |
| 6896 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger (File transfer) |
| 6897 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger (File transfer) |
| 6898 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger (File transfer) |
| 6899 |
tcp,udp |
applications |
not scanned |
BitTorrent, Windows Live Messenger (File transfer) |
| 6900 |
tcp,udp |
applications |
not scanned |
BitTorrent part, Windows Live Messenger, MSN Messenger, Ragnarok Online Server
IANA registered for: R*TIME Viewer Data Interface (TCP) |
| 6901 |
tcp |
jetstream |
not scanned |
Novell Jetstream messaging protocol, Msn Messenger (TCP/UDP) |
| 6905 |
udp |
applications |
not scanned |
This module exploits a remote buffer overflow in the Citrix Provisioning Services 5.6 SP1 (without Hotfix CPVS56SP1E043) by sending a malformed packet to the 6905/UDP port. The module has been successfully tested on Windows Server 2003 SP2, Windows 7, and Windows XP SP3.
References: [BID-49803], [OSVDB-75780]
Citrix Provisioning Services is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by streamprocess.exe component. By sending request type 0x40020006 to UDP Port 6905 a remote attacker could overflow a buffer and execute arbitrary code on the system with SYSTEM privileges or cause the application to crash.
References: [XFDB-72353] |
| 6912 |
tcp |
trojan |
Premium scan |
Shit Heep trojan |
| 6913 |
tcp |
trojans |
Premium scan |
Danny, Shit Heep |
| 6924 |
tcp,udp |
split-ping |
not scanned |
IANA registered for: Ping with RX/TX latency/loss split |
| 6935 |
tcp,udp |
ethoscan |
not scanned |
IANA registered for: EthoScan Service |
| 6939 |
tcp |
trojans |
Premium scan |
Indoctrination, Gatecrasher.a trojans |
| 6942 |
tcp |
applications |
not scanned |
BitTorrent, SubEthaEdit text editor |
| 6953 |
tcp |
trojan |
Premium scan |
Backdoor.Lithium.D [Symantec-2004-040321-0019-99] |
| 6963 |
tcp,udp |
swismgr1 |
not scanned |
swismgr1, BitTorrent |
| 6964 |
tcp,udp |
swismgr2 |
not scanned |
swismgr2, BitTorrent |
| 6967 |
tcp,udp |
trojans |
not scanned |
Trojan.Diagcfg [Symantec-2001-071914-1432-99] (2001.07.19) - a trojan that modifies the registry so that it loads whenever Windows is started. It listens on port 6967 for commands. It sends email to its creator with information about the computer's IP address and connected hosts |
| 6969 |
tcp |
acmsoda |
Members scan |
BitTorrent tracker
Backdoor.Assasin.D trojan - opens a backdoor on one of the following ports: 5695,6595,6969,27589. Backdoor.Assasin opens port 27589, Backdoor.Assasin.B opens port 6969, Backdoor.Assasin.C opens port 6595, and Backdoor.Assasin.D opens port 5695 to listen for commands from the attacker.
Other trojans that use this port: GateCrasher, IRC 3/IRC Hack, Net Controller, Priority, Danton, 2000Cracks.
Backdoor.Win32.BlueAdept.02.a / Remote Buffer Overflow - the malware listens on TCP port 6969, after connecting to the infected host TCP ports 6970, 6971 are then opened. The newly opened port 6970 is vulnerable allowing third party attackers who can reach an infected host ability to trigger a buffer overflow overwriting EAX, ECX and EDX registers.
References: [MVID-2021-0408]
Backdoor.Win32.Destrukor.20 / Authentication Bypass - the malware listens on TCP port 6969. However, after sending a specific cmd "rozmiar" the backdoor returns "moznasciagac" in Polish "you can download" and port 21 opens. Third-party attackers who can reach infected systems can logon using any username/password combination. Intruders may then upload executables using ftp PASV, STOR commands, this can result in remote code execution.
References: [MVID-2022-0626]
Backdoor.Win32.Destrukor.20 / Unauthenticated Remote Command Execution - the malware listens on TCP port 6969. Third-party adversaries who can reach infected hosts can run commands made available by the backdoor. Remote attackers can read anything the victim types by starting the remote key log command "key_on". Some commands in Polish include "podglad", "dyski", "procesy", "wywiad", "rej_klucze1", "offserver" and many others.
References: [MVID-2022-0627]
acmsoda (IANA official) (TCP/UDP) |
| 6970 |
tcp,udp |
applications |
Members scan |
Port used by Tivoli Software, RTP (Real Time Transport Protocol), RTSP (Real Time Streaming Protocol), BitTorrent, QuickTime 4 server, RealAudio.
Trojans using this port: GateCrasher |
| 6974 |
tcp |
malware |
not scanned |
Backdoor.Win32.Danton.43 / Weak Hardcoded Credentials RCE - The malware listens on TCP port 6974 and stores several pairs of weak hardcoded credentials in plaintext within the executable. First username / password combination is stored as TDanton, TDanton by removing the "T" we get valid creds of Danton, Danton to logon. Other credential pairs are Danton2 Danton2, Danton3 Danton, Danton4 Danton. They can be found by running strings util against the malware executable. Attackers may then upload executables using ftp PASV, STOR commands, this can result in remote code execution.
References: [MVID-2021-0211] |
| 6980 |
udp |
qolyester |
not scanned |
QoS-extended OLSR protocol (IANA official) |
| 6994 |
tcp,udp |
games |
not scanned |
City of Heroes, City of Villains |
| 6996 |
tcp,udp |
applications |
not scanned |
Nesticle |
| 6998 |
tcp,udp |
iatp-highpri |
not scanned |
An "invalid command" handler issue was discovered in HiNet GPON firmware < I040GWR190731. It allows an attacker to execute arbitrary command through port 6998. CVSS 3.0 Base score 10.0. CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H).
References: [CVE-2019-15066]
A service which is hosted on port 6998 in HiNet GPON firmware < I040GWR190731 allows an attacker to execute a specific command to read arbitrary files. CVSS 3.0 Base score 9.3. CVSS vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L).
References: [CVE-2019-15065], [XFDB-169707]
IANA registered for: IATP-highPri |
| 6999 |
tcp,udp |
iatp-normalpri |
Premium scan |
IATP-normalPri, World of Warcraft, Blizzard Downloader, BitTorrent, Line Request for VoIP, Video Streaming service, OfficePax, QuickTime 4 server, RealAudio
Malicios services using this port: Worm_MYTOB.LW |
| 7000 |
tcp |
afs-fileserver |
Members scan |
AFS fileserver, Command and Conquer Renegade, Avira Server Management Console, Rumble Fighter (TCP/UDP)
Default for Vuze's built in HTTPS Bittorrent Tracker.
The game Aliens vs Predator 2 uses ports 7000-10000 (TCP).
W32.Gaobot.BQJ [Symantec-2004-110816-5549-99] (2004.11.08) - network-aware worm taht opens a backdoor and can be controlled via IRC. It can affect all current Windows versions. Connects to an IRC server on port 7000/tcp.
W32.Mydoom.BQ@mm [Symantec-2005-050910-1159-99] (2005.05.09) - mass-mailing worm with backdoor capabilities, that uses its own SMTP engine. It communicates with an IRC server and listens for remote commands on port 7000/tcp.
W32.Mytob.GC@mm [Symantec-2005-062415-4022-99] (2005.06.24) - mass-mailing worm that opens a backdoor on port 7000/tcp.
Some older trojan horses/backdoors that also use this port: Exploit Translation Server, Kazimas, Remote Grab, SubSeven, BackDoor-G
The control-plane access-list implementation in Cisco IPS Software before 7.1(8p2)E4 and 7.2 before 7.2(2)E4 allows remote attackers to cause a denial of service (MainApp process outage) via crafted packets to TCP port 7000, aka Bug ID CSCui67394.
References: [CVE-2014-0719], [BID-65667], [XFDB-91195] |
| 7000 |
udp |
citrix |
not scanned |
Citrix NetScaler cluster heart beat exchange |
| 7001 |
tcp,udp |
afs3-callback |
Premium scan |
Callback To Cache Manager, MSN Messenger, Avira Server Management Console
Default for BEA WebLogic Server's HTTP server, though often changed during installation (TCP).
Command and Conquer Renegade also uses this port (TCP).
Trojans that use this port: Freak2k, Freak88, NetSnooper Gold.
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. NOTE: the scope of this CVE is limited to the WebLogic Server product.
References: [CVE-2015-4852] |
| 7002 |
tcp,udp |
afs3-pserver |
not scanned |
users & groups database
Default for BEA WebLogic Server's HTTP server, though often changed during installation (TCP).
Command and Conquer Renegade also uses this port (TCP). |
| 7003 |
tcp,udp |
afs3-vlserver |
not scanned |
Volume location database, City of Heroes, City of Villains, RealAudio
MA Lighting Technology grandMA onPC is vulnerable to a denial of service, caused by an error when processing socket connection negotiation. By sending a single malicious packet to TCP port 7003, an attacker could exploit this vulnerability to cause the device to crash.
References: [BID-66645], [XFDB-92300] |
| 7004 |
tcp,udp |
afs3-kaserver |
not scanned |
AFS/Kerberos authentication service, City of Heroes, City of Villains, RealAudio |
| 7005 |
tcp,udp |
afs3-volser |
not scanned |
VMware vCenter Single Sign On base shutdown port.
Volume management server
RealAudio
BMC Control-M/Server
BMC Control-M/Agent
Oracle HTTP
Games: City of Heroes, City of Villains |
| 7006 |
tcp,udp |
afs3-errors |
not scanned |
RealAudio, Error interpretation service, BMC Software CONTROL-M/Server and CONTROL-M/AgentServer-to-Agent, City of Heroes, City of Villains
Trojan.JBosser opens command and control communication on port 7006. |
| 7007 |
tcp,udp |
applications |
Members scan |
Port used by: Windows Media Player Encoder-to-Server Communication, Skype Session Manager, G3Torrent, X-Men Movieverse, Silent Spy, basic overseer process, City of Heroes, City of Villains, RealAudio.
Trojans that use this port: W32.Spybot.Gen3, Silent Spy
MicroSeven MYM71080i-B 2.0.5 through 2.0.20 devices send admin credentials in cleartext to pnp.microseven.com TCP port 7007. An attacker on the same network as the device can capture these credentials.
References: [CVE-2021-29255] |
| 7009 |
tcp |
vmware |
not scanned |
VMware vCenter Single Sign On AJP Port
|
| 7010 |
tcp,udp |
onlinet |
not scanned |
GlassWire service uses port 7010 by default, may also listen to port 20000
Cisco AON AMC (AON Management Console) uses port 7010/tcp
onlinet uninterruptable power supplies (IANA official)
|
| 7013 |
tcp,udp |
games |
not scanned |
Anarchy Online, developer: FunCom |
| 7016 |
tcp,udp |
spg |
not scanned |
Backdoor.Win32.Xingdoor / Denial of Service - the malware "System_XingCheng" listens on TCP port 7016. Attackers who can send a specially crafted packet, can trigger an int 3 "\xcc" breakpoint debug error causing a disruption in service. The error is a MS Visual C++ Debug Error, occurs when the value of ESP is not properly saved across a function call.
References: [MVID-2022-0542]
SPG Controls Carrier (IANA official) |
| 7017 |
tcp,udp |
grasp |
not scanned |
IANA registered for: GeneRic Autonomic Signaling Protocol |
| 7018 |
tcp |
fisa-svc |
not scanned |
FISA Service [FAUCONNET Ingenierie] (IANA official) |
| 7019 |
tcp |
doceri-ctl |
not scanned |
IANA registered for: doceri drawing service control |
| 7019 |
udp |
doceri-view |
not scanned |
IANA registered for: doceri drawing service screen view |
| 7020 |
tcp |
trojan |
Premium scan |
Basic Hell trojan |
| 7021 |
tcp,udp |
dpserveadmin |
not scanned |
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021.
References: [CVE-2001-1356] [BID-3157]
cgi/surgeftpmgr.cgi (aka the Web Manager interface on TCP port 7021 or 9021) in NetWin SurgeFTP version 23f2 has XSS via the classid, domainid, or username parameter.
References: [CVE-2017-17933]
DP Serve Admin (IANA official) |
| 7022 |
tcp |
applications |
not scanned |
Database mirroring endpoints |
| 7023 |
tcp,udp |
ct2nmcs |
not scanned |
Bryan Wilcutt T2-NMCS Protocol for SatCom modems uses port 7023/udp
Comtech T2 NMCS (IANA official) |
| 7025 |
tcp |
applications |
not scanned |
Zimbra LMTP [mailbox] - local mail delivery (IANA official) |
| 7026 |
tcp |
loreji-panel |
not scanned |
IANA registered for: Loreji Webhosting Panel |
| 7030 |
tcp |
trojan |
Premium scan |
Basic Hell trojan |
| 7031 |
tcp |
iposplanet |
not scanned |
IPOSPLANET retailing multi devices protocol [Fabrice_Paget] (IANA official) |
| 7040 |
udp |
quest-disc |
not scanned |
Quest application level network service discovery [Quest Software] (IANA official) |
| 7043 |
tcp |
trojans |
Members scan |
W32.Spybot.YCL [Symantec-2005-100416-5735-99] (2005.10.04) - a worm with backdoor and distributed denial of service (DDoS) capabilities. It can spread by exploiting a number of vulnerabilities, as well as backdoors left by other malware. Opens a backdoor and listens for remote commands via IRC on port 7043/tcp.
Also: W32.Spybot.YQW [Symantec-2005-101515-4844-99] (2005.10.15) |
| 7046 |
tcp |
msnav |
not scanned |
Microsoft Dynamics NAV Server uses ports 7046 tcp (server listening port), and 7047 tcp (http web services listening port). |
| 7047 |
tcp |
msnav |
not scanned |
Microsoft Dynamics NAV Server uses ports 7046 tcp (server listening port), and 7047 tcp (http web services listening port).
Zimbra conversion server (IANA official) |
| 7050 |
tcp,udp |
applications |
not scanned |
The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile.
References: [CVE-2019-14951]
Services that are running and bound to the loopback interface on the Artica Proxy are accessible through the proxy service. In particular, the "tailon" service is running, running as the root user, is bound to the loopback interface, and is listening on TCP port 7050. Security issues associated with exposing this network service are documented at gvalkov's 'tailon' GitHub repo. Using the tailon service, the contents of any file on the Artica Proxy can be viewed.
References: [CVE-2024-2056] |
| 7061 |
tcp |
applications |
not scanned |
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18310. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known.
References: [CVE-2019-18311], [CVE-2019-18310] |
| 7070 |
tcp |
realaudio |
not scanned |
RealAudio
AnyDesk remote desktop software uses TCP ports 80, 443, 6568, 7070 (direct line connection)
Apple QuickTime Streaming Server (RTSP) also uses port 7070 (TCP/UDP).
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070.
References: [BID-1128] [CVE-2000-0272] [OSVDB-1290]
Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser.
References: [CVE-2003-0054] [BID-6960]
Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user.
References: [CVE-2018-13115]
A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.
The request URL on port 7071 and the web socket component requests on port 7070 used by Atmosphere-Framework
within Avaya IP Office, pass Base64 encoded credentials as part of the URL query string.
References: [CVE-2020-7030], [EDB-48581]
IANA registered for: ARCP |
| 7071 |
tcp,udp |
iwg1 |
not scanned |
A sensitive information disclosure vulnerability was discovered in the web interface component of IP Office that may potentially allow a local user to gain unauthorized access to the component. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 though 11.0.4.3.
The request URL on port 7071 and the web socket component requests on port 7070 used by Atmosphere-Framework
within Avaya IP Office, pass Base64 encoded credentials as part of the URL query string.
References: [CVE-2020-7030], [EDB-48581]
IANA registered for: IWGADTS Aircraft Housekeeping Message |
Vulnerabilities listed: 100 (some use multiple ports)
|
