|
Port 23 Details
known port assignments and vulnerabilities
threat/application/port search:
| Port(s) |
Protocol |
Service |
Details |
Source |
| 23 |
tcp |
telnet |
Telnet is one of the oldest Internet protocols and the most popular program for remote access to Unix machines. It has numerous security vulnerabilities [RFC 854]
Trojans that also use this port: Prosiak, Wingate, ADM worm, Aphex's Remote Packet Sniffer , AutoSpY, ButtMan, Fire HacKer, My Very Own trojan, Pest, RTB 666, Tiny Telnet Server - TTS, Truva Atl, Backdoor.Delf variants [Symantec-2003-050207-0707-99], Backdoor.Dagonit [Symantec-2005-092616-0858-99] (2005.09.26)
Stack-based buffer overflow in RabidHamster R2/Extreme 1.65 and earlier allows remote authenticated users to execute arbitrary code via a long string to TCP port 23.
References: [CVE-2012-1222], [BID-52061]
The Emerson DeltaV SE3006 through 11.3.1, DeltaV VE3005 through 10.3.1 and 11.x through 11.3.1, and DeltaV VE3006 through 10.3.1 and 11.x through 11.3.1 allow remote attackers to cause a denial of service (device restart) via a crafted packet on (1) TCP port 23, (2) UDP port 161, or (3) TCP port 513.
References: [CVE-2012-4703]
Buffer overflow in the Remote command server (Rcmd.bat) in IpTools (aka Tiny TCP/IP server) 0.1.4 allows remote attackers to cause a denial of service (crash) via a long string to TCP port 23.
References: [CVE-2012-5345]
Hospira Lifecare PCA infusion pump running "SW ver 412" does not require authentication for Telnet sessions, which allows remote attackers to gain root privileges via TCP port 23.
References: [CVE-2015-3459]
Zhuhai RaySharp firmware has a hardcoded root password, which makes it easier for remote attackers to obtain access via a session on TCP port 23 or 9000.
References [CVE-2015-8286]
Hughes satellite modems contains default telnet service (port 23) account credentials. A remote attacker could exploit this vulnerability to gain administrative access on affected devices.
References: [CVE-2016-9495], [XFDB-122123]
An issue was discovered in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access (without a password) that pops a shell as root. If an attacker can connect to port 23 on the device, he can completely compromise it.
References: [CVE-2018-12072]
Telestar Digital GmbH Imperial and Dabman Series I and D could allow a remote attacker to gain elevated privileges on the system, caused by the use of weak passwords with hardcoded credentials in an undocumented Telnet service (Telnetd) that connects to Port 23. A remote attacker could exploit this vulnerability to gain root access to the gadgets' embedded Linux BusyBox operating system.
References: [CVE-2019-13473], [XFDB-166724]
Multiple C-Data OLT devices are vulnerable to a denial of service, caused by a shawarma attack. By sending random bytes to the telnet server on port 23, a remote attacker could exploit this vulnerability to cause the device to reboot.
References: [CVE-2020-29057], [XFDB-192290]
An issue was discovered on FiberHome HG6245D devices through RP2613. The telnet daemon on port 23/tcp can be abused with the gpon/gpon credentials.
References: [CVE-2021-27165]
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyBox utilities (e.g., tar and nc).
References: [CVE-2021-37555]
Backdoor.Win32.Agent.oj / Unauthenticated Remote Command Execution - unauthenticated Remote Command Execution Description: The malware listens on TCP port 23, upon connection to an infected host third-party attackers get handed a remote shell.
References: [MVID-2021-0197]
Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials - the malware listens on TCP port 23. Authentication is required, however the credentials test:test are weak and hardcoded within the PE file.
References: [MVID-2022-0568] |
SG
|
| 23 |
udp |
games |
Dungeon Siege II |
SG
|
| 23 |
tcp |
|
Telnet protocol - unencrypted text communications (official) |
Wikipedia
|
| 23 |
tcp |
trojan |
ADM worm, Aphex's Remote Packet Sniffer , AutoSpY, ButtMan, Fire HacKer, My Very Own trojan, Pest, RTB 666, Tiny Telnet Server - TTS, Truva Atl |
Trojans
|
| 23 |
tcp,udp |
applications |
TELNET |
Portforward
|
| 23 |
tcp |
ADMworm |
[trojan] ADM worm |
Neophasis
|
| 23 |
tcp |
FireHacKer |
[trojan] Fire HacKer |
Neophasis
|
| 23 |
tcp |
MyVeryOwntrojan |
[trojan] My Very Own trojan |
Neophasis
|
| 23 |
tcp |
RTB666 |
[trojan] RTB 666 |
Neophasis
|
| 23 |
tcp |
TelnetPro |
[trojan] Telnet Pro |
Neophasis
|
| 23 |
tcp |
TinyTelnetServer |
[trojan] Tiny Telnet Server - TTS |
Neophasis
|
| 23 |
tcp |
TruvaAtl |
[trojan] Truva Atl |
Neophasis
|
| 23 |
tcp |
threat |
Dagonit |
Bekkoame
|
| 23 |
tcp |
threat |
Fire HacKer |
Bekkoame
|
| 23 |
tcp |
threat |
MindControl |
Bekkoame
|
| 23 |
tcp |
threat |
Tiny Telnet Server - TTS |
Bekkoame
|
| 23 |
tcp |
threat |
Truva Atl |
Bekkoame
|
| 23 |
tcp,udp |
telnet |
Telnet [RFC854] |
IANA
|
|
18 records found
Related ports: 161 513 1953 2323 9000 27378 26 73 230
|