Port(s) |
Protocol |
Service |
Scan level |
Description |
8096 |
tcp |
web password reset |
not scanned |
Web password reset (Mac OS X Server v10.6.3 and later)
Emby and Jellyfin HTTP port |
8097 |
tcp |
trojan |
Premium scan |
Kryptonic Ghost Command Pro |
8100 |
tcp |
trojan |
Premium scan |
Console Gateway License Verification
Back streets trojan
BlueMap, a 3D Minecraft web viewer and mapping tool
Xprint Server (TCP/UDP) (IANA official) |
8101 |
tcp |
ldoms-migr |
not scanned |
SmartPTT SCADA 1.1.0.0 allows remote code execution (when the attacker has administrator privileges) by writing a malicious C# script and executing it on the server (via server settings in the administrator control panel on port 8101, by default).
References: [CVE-2023-30459]
Logical Domains Migration (IANA official) |
8102 |
tcp |
kz-migr |
not scanned |
IANA registered for: Oracle Kernel zones migration server |
8110 |
tcp |
trojans |
Premium scan |
DLP, LoseLove |
8111 |
tcp |
malware |
Premium scan |
Warthunder (WWII vehicular combat MMO) video game uses port 8111
Malware that uses this port:D LP, LoseLove
JOSM Remote Control
W32.Eboscro [Symantec-2006-110422-1903-99] (2006.11.04) - a worm that copies itself to removable drives, opens a back door, and lowers security settings on the compromised computer. |
8111 |
udp |
skynetflow |
not scanned |
IANA registered for: Skynetflow network services |
8116 |
tcp,udp |
cp-cluster |
not scanned |
Revo DVRNS
IANA registered for: Check Point Clustering |
8117 |
tcp |
purityrpc |
not scanned |
IANA registered for: clustering and remote management |
8118 |
tcp,udp |
privoxy |
not scanned |
adbyby v2.7 allows external users to make connections via port 8118. This can cause a program logic error and lead to a Denial of Service (DoS) via high CPU usage due to a large number of connections.
References: [CVE-2022-29767]
Privoxy HTTP proxy (IANA official) |
8123 |
tcp |
vipre |
Premium scan |
BURST Reference Software uses TCP ports 8123 (p2p), 8124 (standard mining pool port), 8125 (web interface)
ClickHouse Analytics DB (open source big data) uses TCP port 8123 for its HTTP interface.
Home Assistant (massive open source home automation project) uses port 8123 for WebUI. See: home-assistant.io/hassio/
Minecraft default dynmap mappiing port
Polipo open source web proxy, Bukkit DynMap Default Webserver Bind Address
VIPRE Business Security uses the following TCP ports: 8123, 18082, 18086, 18090. It may also communicate through TCP ports 135, 139, 445.
|
8124 |
tcp |
applications |
not scanned |
BURST Reference Software uses TCP ports 8123 (p2p), 8124 (standard mining pool port), 8125 (web interface) |
8125 |
tcp |
applications |
not scanned |
BURST Reference Software uses TCP ports 8123 (p2p), 8124 (standard mining pool port), 8125 (web interface) |
8126 |
tcp |
trojans |
Members scan |
W32.Pejaybot [Symantec-2005-011415-1848-99] (2005.01.14) - worm that spreads via file sharing networks. Connects to an IRC server and opens a backdoor on port 8126.
W32.Kelvir.Q [Symantec-2005-041213-2840-99] (2005.04.12) - worm that spreads through MSN Messenger and drops a variant of W32.Spybot.Worm [Symantec-2003-053013-5943-99]. Connects to an IRC server on port 8126/tcp. |
8127 |
tcp,udp |
trojans |
not scanned |
9_119, Chonker |
8128 |
tcp,udp |
paycash-online |
not scanned |
PayCash Online Protocol [MegaZone] (IANA official) |
8129 |
tcp,udp |
paycash-wbp |
not scanned |
PayCash Wallet-Browser [MegaZone] (IANA official) |
8130 |
tcp |
trojans |
Premium scan |
9_119, Chonker, DLP
WellinTech KingSCADA before 3.1.2, KingAlarm&Event before 3.1, and KingGraphic before 3.1.2 perform authentication on the KAEClientManager console rather than on the server, which allows remote attackers to bypass intended access restrictions and discover credentials via a crafted packet to TCP port 8130.
References: [CVE-2013-2826] [XFDB-90513] |
8130 |
udp |
malware |
not scanned |
Backdoor.Win32.Loselove / Denial of Service - the malware listens on UDP ports 9329, 8329, 8322, 8131 and 8130. Attackers can send a large junk payload to UDP port 8131 causing it to crash.
References: [MVID-2022-0554] |
8131 |
tcp |
trojan |
Premium scan |
DLP trojan |
8131 |
udp |
malware |
not scanned |
Backdoor.Win32.Loselove / Denial of Service - the malware listens on UDP ports 9329, 8329, 8322, 8131 and 8130. Attackers can send a large junk payload to UDP port 8131 causing it to crash.
References: [MVID-2022-0554] |
8139 |
tcp |
applications |
not scanned |
Puppet (software) Client agent |
8140 |
tcp |
applications |
not scanned |
Puppet (software) Master server |
8143 |
tcp,udp |
applications |
not scanned |
ImapProxy, SCO SSH Tunneling |
8149 |
udp |
eor-game |
not scanned |
IANA registered for: Edge of Reality game data |
8153 |
tcp |
quantastor |
not scanned |
QuantaStor Management Interface [OS NEXUS] (IANA official) |
8162 |
tcp |
lpar2rrd |
not scanned |
IANA registered for: LPAR2RRD client server communication |
8170 |
tcp |
https |
not scanned |
Podcast Capture/podcast CLI |
8171 |
tcp |
https |
not scanned |
Podcast Capture/podcast CLI |
8172 |
tcp |
applications |
Premium scan |
Microsoft Remote Administration for IIS Manager
W32.Zotob.K trojan [Symantec-2005-082415-0814-99] exploits Windows vulnerabilities on port 445, opens UDP port 69 for TFTP, listens to TCP ports 6664 and 8172. |
8173 |
tcp |
trojans |
Premium scan |
Backdoor.Zebroxy [Symantec-2003-082113-3132-99] (2003.08.21) - a trojan horse that opens port 8173 and runs as a proxy server under Windows 2000/XP.
Port also used by: Y-cam Wireless IP Camera |
8175 |
tcp |
pcast tunnel |
not scanned |
Apple pcastagentd (for control operations, camera and so on) |
8181 |
tcp |
trojans |
Members scan |
W32.Erkez.D@mm [Symantec-2004-121413-4703-99] (2004.12.14) - mass mailing worm that can terminate processes, lower security settings, and allow remote access to the compromised computer. Opens a backdoor and listens for remote commands on port 8181/tcp.
Backdoor.Shangxing [Symantec-2007-030516-4150-99] (2007.03.06) also uses this port.
The Web Administrator service (STEMWADM.EXE) in Websense Personal Email Manager 7.1 before Hotfix 4 and Email Security 7.1 before Hotfix 4 allows remote attackers to cause a denial of service (crash) by sending a HTTP GET request to TCP port 8181 and closing the socket before the service can send a response.
References: [CVE-2009-3749], [BID-36740]
IPSwitch IMail is an e-mail server which provides WWW (HTTP) E-mail services. By default this web service resides on port 8181 (TCP/UDP) or 8383 (TCP/UDP). Sending an HTTP request with an extremely long "HOST" field multiple times can cause the system hosting the service to become unresponsive. Each long request "kills" a thread without freeing up the memory used by it. By repeating this request, the system's resources can be used up completely.
References: [BID-2011]
TerraMaster F2-210 devices through 2021-04-03 use UPnP to make the admin web server accessible over the Internet on TCP port 8181, which is arguably inconsistent with the "It is only available on the local network" documentation. NOTE: manually editing /etc/upnp.json provides a partial but undocumented workaround.
References: [CVE-2021-30127]
Intermapper network management system (IANA official) |
8182 |
tcp |
applications |
not scanned |
SQL servers
Port is IANA registered for VMware Fault Domain Manager (TCP/UDP). |
8183 |
tcp |
proremote |
not scanned |
ProRemote |
8184 |
tcp,udp |
itach |
not scanned |
Remote iTach Connection |
8190 |
tcp |
iot |
Members scan |
Veeam Backup and replication suite uses these ports, in addition to common 80, 443, etc.:
6160 TCP - Veeam installer service
6165 TCP - WAN accelerator
6180 TCP/UDP - Veeam cloud gateway
6169, 8190, 8191 TCP - used by SP backup server
10003 TCP - communication with Veeam backup service
Port used by: Ecobee thermostats, Y-cam Wireless IP Cameras
W32.Reatle.E@mm [Symantec-2005-080215-5809-99] (2005.08.02) - a mass-mailing worm that opens a backdoor and also spreads by exploiting the MS LSASS Buffer Overrun Vulnerability ([MS04-011]). Opens backdoors on ports 3351/tcp and 8190/tcp.
Multiple stack-based buffer overflows in Medicomp MEDCIN Engine 2.22.20142.166 might allow remote attackers to execute arbitrary code via a crafted packet on port 8190, related to (1) the GetProperty info_getproperty function and (2) the GetProperty UdfCodeList function.
References: [CVE-2015-2901]
Heap-based buffer overflow in the QualifierList retrieve_qualifier_list function in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to execute arbitrary code via a long list name in a packet on port 8190.
References: [CVE-2015-2899]
Multiple stack-based buffer overflows in Medicomp MEDCIN Engine before 2.22.20153.226 might allow remote attackers to execute arbitrary code via a crafted packet on port 8190, related to (1) the SetGroupSequenceEx na_setgroupsequenceex function, (2) the FormatDate julptostr function, and (3) the UserFindingCodes addtocl function.
References: [CVE-2015-2898]
IANA registered for: Generic control plane for RPHY |
8191 |
tcp |
limnerpressure |
not scanned |
Veeam Backup and replication suite uses these ports, in addition to common 80, 443, etc.:
6160 TCP - Veeam installer service
6165 TCP - WAN accelerator
6180 TCP/UDP - Veeam cloud gateway
6169, 8190, 8191 TCP - used by SP backup server
10003 TCP - communication with Veeam backup service
Limner Pressure - a pressure sensitive tablet apllication for Mac and iPad (IANA official) |
8192 |
tcp,udp |
applications |
not scanned |
Sophos Remote Management System, SnapStream PVS, SpyTech Phone Service, Y-cam Wireless IP Camera use this port. |
8193 |
tcp,udp |
applications |
not scanned |
Sophos Remote Management System, Y-cam Wireless IP Camera |
8194 |
tcp,udp |
applications |
not scanned |
Sophos Remote Management System, Bloomberg data API, Y-cam Wireless IP Camera use this port. |
8195 |
tcp |
blp2 |
not scanned |
Bloomberg feed |
8198 |
tcp |
applications |
not scanned |
Sophos Antivirus, Y-cam Wireless IP Camera |
8199 |
tcp |
applications |
not scanned |
Citrix AppDNA Server uses port 8199 for HTTP connections between AppDNA and IIS.
Y-cam Wireless IP Camera
The administrative service in Symantec Veritas Volume Replicator (VVR) for Windows and VVR for Unix, in Symantec Storage Foundation products allows remote attackers to cause a denial of service (memory consumption and service crash) via a crafted packet to the service port (8199/tcp) that triggers a request for more memory than available, which causes the service to write to an invalid pointer.
References: [CVE-2007-1593], [BID-24160]
Port is also IANA registered for VVR data. |
8200 |
tcp,udp |
applications |
not scanned |
Duplicati web server (open source remote backup solution)
Revo DVRNS
GoToMyPC
GoToMeeting, also Citrix workstation GoToMeeting service broker
MiniDLNA media server Web Interface
Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow - the malware listens on TCP ports 8200,8201,8202,8203 and UDP ports 8200,8204. Third-party attackers who can reach an infected host can trigger a classic remote buffer overflow by sending a large payload to TCP port 8202. This will overwrite the ECX and EIP stack registers and structured exception handler (SEH).
References: [MVID-2021-0255]
TRIVNET (IANA official) |
8201 |
tcp,udp |
trivnet2 |
not scanned |
Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow - the malware listens on TCP ports 8200,8201,8202,8203 and UDP ports 8200,8204. Third-party attackers who can reach an infected host can trigger a classic remote buffer overflow by sending a large payload to TCP port 8202. This will overwrite the ECX and EIP stack registers and structured exception handler (SEH).
References: [MVID-2021-0255]
TRIVNET (IANA official) |
8202 |
udp |
aesop |
not scanned |
Audio+Ethernet Standard Open Protocol [POWERSOFT SRL] (IANA official) |
8202 |
tcp |
malware |
not scanned |
Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow - the malware listens on TCP ports 8200,8201,8202,8203 and UDP ports 8200,8204. Third-party attackers who can reach an infected host can trigger a classic remote buffer overflow by sending a large payload to TCP port 8202. This will overwrite the ECX and EIP stack registers and structured exception handler (SEH).
References: [MVID-2021-0255] |
8203 |
tcp |
worm |
not scanned |
W32.Neeris.B [Symantec-2007-091303-4952-99] (2007.09.12) - a worm that spreads through MSN instant messaging applications. It also opens a back door on the compromised computer.
Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow - the malware listens on TCP ports 8200,8201,8202,8203 and UDP ports 8200,8204. Third-party attackers who can reach an infected host can trigger a classic remote buffer overflow by sending a large payload to TCP port 8202. This will overwrite the ECX and EIP stack registers and structured exception handler (SEH).
References: [MVID-2021-0255] |
8204 |
tcp,udp |
lm-perfworks |
not scanned |
Backdoor.Win32.Hupigon.aaio / Remote Stack Buffer Overflow - the malware listens on TCP ports 8200,8201,8202,8203 and UDP ports 8200,8204. Third-party attackers who can reach an infected host can trigger a classic remote buffer overflow by sending a large payload to TCP port 8202. This will overwrite the ECX and EIP stack registers and structured exception handler (SEH).
References: [MVID-2021-0255]
LM Perfworks (IANA official) |
8211 |
tcp |
applications |
not scanned |
Dealing Office Server
Palworld Server
Y-cam Wireless IP Camera
|
8211 |
udp |
aruba-papi |
not scanned |
There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
References: [CVE-2020-24633]
An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-pointsor controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below ; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
References: [CVE-2020-24634]
There is a command injection vulnerability that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
References: [CVE-2022-37897]
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities.
References: [CVE-2022-37885], [CVE-2022-37886], [CVE-2022-37887], [CVE-2022-37888], [CVE-2022-37889]
There is a buffer overflow vulnerability in the underlying AirWave client service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system.
References: [CVE-2023-45614], [CVE-2023-45615], [CVE-2023-45616]
Aruba Networks AP management (IANA official) |
8212 |
tcp,udp |
|
not scanned |
Palworld Server REST API |
8222 |
tcp |
applications |
not scanned |
VMWare, Y-cam Wireless IP Camera |
8225 |
tcp |
applications |
not scanned |
IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND.
References: [CVE-2002-0780], [BID-4697] |
8231 |
udp |
hncp-udp-port |
not scanned |
IANA registered for: HNCP |
8232 |
udp |
hncp-dtls-port |
not scanned |
IANA registered for: HNCP over DTLS |
8236 |
tcp,udp |
applications |
not scanned |
jRCS listener for Rocket Software jBASE Remote Connectivity Server |
8243 |
tcp,udp |
synapse-nhttps |
not scanned |
Synapse Non Blocking HTTPS, HTTPS listener for Apache Synapse, Y-cam Wireless IP Camera |
8245 |
tcp |
applications |
not scanned |
No-IP, DynDNS, Y-cam Wireless IP Camera use this port. |
8257 |
tcp |
applications |
not scanned |
Papenmeier WiFi Baby Monitor Free & Lite before 2.02.2 allows remote attackers to obtain audio data via certain requests to TCP ports 8258 and 8257.
References: [CVE-2018-7661], [EDB-442322]
|
8258 |
tcp |
applications |
not scanned |
Papenmeier WiFi Baby Monitor Free & Lite before 2.02.2 allows remote attackers to obtain audio data via certain requests to TCP ports 8258 and 8257.
References: [CVE-2018-7661], [EDB-442322] |
8270 |
tcp |
robot-remote |
not scanned |
IANA registered for: Robot Framework Remote Library Interface |
8276 |
tcp,udp |
ms-mcc |
not scanned |
Microsoft Connected Cache (IANA official) |
8280 |
tcp,udp |
synapse |
not scanned |
Apache Synapse, Y-cam Wireless IP Camera use this port. |
8282 |
tcp |
applications |
not scanned |
Y-cam Wireless IP Camera, SAS Server, CS Intranet use this port.
IANA registered for: Libelle EnterpriseBus |
8282 |
udp |
libelle-disc |
not scanned |
IANA registered for: Libelle EnterpriseBus discovery |
8284 |
tcp |
citrix |
not scanned |
Citrix Workspace Environment Management (WEM) uses these ports:
8284,8285,8286,8287 TCP - agent and administration console connections
49752 TCP - agent listening port
7279,27000 TCP - Citrix license server ports |
8285 |
tcp |
citrix |
not scanned |
Citrix Workspace Environment Management (WEM) uses these ports:
8284,8285,8286,8287 TCP - agent and administration console connections
49752 TCP - agent listening port
7279,27000 TCP - Citrix license server ports |
8286 |
tcp |
citrix |
not scanned |
Citrix Workspace Environment Management (WEM) uses these ports:
8284,8285,8286,8287 TCP - agent and administration console connections
49752 TCP - agent listening port
7279,27000 TCP - Citrix license server ports |
8287 |
tcp |
citrix |
not scanned |
Citrix Workspace Environment Management (WEM) uses these ports:
8284,8285,8286,8287 TCP - agent and administration console connections
49752 TCP - agent listening port
7279,27000 TCP - Citrix license server ports |
8291 |
tcp |
mikrotik |
not scanned |
MikroTik RouterOS uses the following ports:
5678/udp - Mikrotik Neighbor Discovery Protocol
6343/tcp - Default OpenFlow port
8080/tcp - HTTP Web Proxy
8291/tcp - Winbox GUI
8728/tcp - API
8729/tcp - API-SSL
20561/udp - MAC Winbox GUI
RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow remote unauthenticated attackers to trigger DNS queries via port 8291. The queries are sent from the router to a server of the attacker's choice. The DNS responses are cached by the router, potentially resulting in cache poisoning.
References: [CVE-2019-3978], [XFDB-170447] |
8293 |
tcp |
hiperscan-id |
not scanned |
Hiperscan Identification Service |
8300 |
tcp |
applications |
not scanned |
Messenger Agents (nmma.exe) in Novell GroupWise allow remote attackers to cause a denial of service (crash) via a crafted HTTP POST request to TCP port 8300 with a modified val parameter, which triggers a null dereference related to "zero-size strings in blowfish routines."
References: [CVE-2006-4511], [BID-20316]
Port is also IANA registered for Transport Management Interface |
8301 |
tcp |
amberon |
Premium scan |
Hashicorp Consul (network service discovery platform)
Y-cam Wireless IP Camera
Trojans using this port: DLP, LoseLove
Amberon PPC/PPS (IANA official) |
8302 |
tcp |
trojans |
Premium scan |
DLP, LoseLove |
8303 |
udp |
applications |
not scanned |
Teeworlds Server |
8311 |
tcp |
trojan |
Premium scan |
Backdoor.Mxsender [Symantec-2003-101014-4332-99] (2003.10.10) - a backdoor trojan horse that gives an attacker unauthorized access to a compromised computer. It connects to port 8311 of the predetermined servers and waits for commands from its author.
SweetHeart trojan |
8313 |
tcp |
hub-open-net |
not scanned |
Hub Open Network [Grexie] (IANA official) |
8322 |
tcp |
trojan |
Premium scan |
DLP trojan
Garmin Marine (TCP/UDP) (IANA official) |
8322 |
udp |
malware |
not scanned |
Backdoor.Win32.Loselove / Denial of Service - the malware listens on UDP ports 9329, 8329, 8322, 8131 and 8130. Attackers can send a large junk payload to UDP port 8131 causing it to crash.
References: [MVID-2022-0554] |
8324 |
tcp |
plex |
not scanned |
Plex Media Server uses port 8324 TCP locally for controlling Plex for Roku via Plex Companion. |
8329 |
tcp |
trojan |
Premium scan |
DLP trojan |
8329 |
udp |
malware |
not scanned |
Backdoor.Win32.Loselove / Denial of Service - the malware listens on UDP ports 9329, 8329, 8322, 8131 and 8130. Attackers can send a large junk payload to UDP port 8131 causing it to crash.
References: [MVID-2022-0554] |
8331 |
tcp |
applications |
not scanned |
MultiBit |
8332 |
tcp |
bitcoin |
not scanned |
IANA registered for: Bitcoin JSON-RPC server |
8333 |
tcp |
applications |
Premium scan |
Bitcoin cryptocurrency uses port 8333. (Bitcoin Testnet uses 18333 instead)
Common cryptocurrency ports (TCP):
Bitcoin: 8333
Litecoin: 9333
Dash: 9999
Dogecoin: 22556
Ethereum: 30303
VMware Server Management User Interface , Y-cam Wireless IP Camera |
8334 |
tcp |
applications |
not scanned |
Filestash server |
8337 |
tcp |
applications |
not scanned |
VisualSVN Distributed File System Service (VDFS) |
8347 |
tcp |
sophos |
not scanned |
Sophos Security Heartbeat updates uses port 8347 |
8372 |
tcp |
trojan |
Premium scan |
NetBoy trojan |
8376 |
tcp,udp |
cruise-enum |
not scanned |
Vulnerability in CounterPath eyeBeam can cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerability is caused due to a boundary error when handling malformed SIP packets. This can be exploited to cause heap corruption, which crashes the application and may allow arbitrary code execution via specially crafted SIP packets sent to port 8376/udp.
References: [CVE-2006-0359] [SECUNIA-18516]
IANA registered for Cruise ENUM |
8379 |
tcp,udp |
trojans |
Premium scan |
Backdoor.Binghe [Symantec-2005-030215-5059-99] (2005.03.02) - a back door Trojan horse program that allows unauthorized access to a compromised computer. The Trojan logs keystrokes, steals information, and has ability to execute programs. Opens a back door on TCP ports 8848 and 8379, and UDP port 8379. |
8383 |
tcp |
imail www |
not scanned |
IPSwitch IMail admin port, IPSwitch IMail http frontend
IPSwitch IMail is an e-mail server which provides WWW (HTTP) E-mail services. By default this web service resides on port 8181 (TCP/UDP) or 8383 (TCP/UDP). Sending an HTTP request with an extremely long "HOST" field multiple times can cause the system hosting the service to become unresponsive. Each long request "kills" a thread without freeing up the memory used by it. By repeating this request, the system's resources can be used up completely.
References: [BID-2011] |
8384 |
udp |
marathontp |
not scanned |
Marathon Transport Protocol (IANA official) |
8384 |
tcp |
applications |
not scanned |
Syncthing uses the following ports:
8384/TCP - web GUI
22000/TCP - listening port
21027/UDP - discovery broadcasts on IPv4, multicasts on IPv6. |
8388 |
tcp |
applications |
not scanned |
Shadowsocks proxy server |
8393-8400 |
tcp |
maestro |
not scanned |
League of Legends game uses the following ports:
5000 - 5500 UDP - League of Legends Game Client
8393 - 8400 TCP - Patcher and Maestro
2099 TCP - PVP.Net
5222 TCP - PVP.Net
5223 TCP - PVP.Net
80 TCP - HTTP Connections
443 TCP - HTTPS Connections |
8400 |
tcp,udp |
cvd |
not scanned |
cvp, Commvault Unified Data Management
IANA registered for: cvd |