| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 10001 |
udp |
ubiquity |
not scanned |
Ubiquity Networks uses port 10001/UDP for its AirControl management discovery protocol |
| 10002 |
tcp |
trojans |
Premium scan |
Wyze cameras use these ports:
80, 443 TCP/UDP - timelapse, cloud uploads, streaming data
8443 TCP - cloud api, server connection
123 TCP - time check
10001 TCP - P2P WiFi live streaming
10002 TCP - Firmware updates
22345 TCP - control, used when live streaming
Backdoor.Zdemon.126 [Symantec-2003-050512-3204-99] (2003.05.05) - remote access trojan, 05.2003
Lula trojan
Backdoor.Win32.Tonerok.d / Unauthenticated Remote Command Execution - the malware listens on TCP port 10002 and drops an executable named "svchost.exe" under Windows dir. Third-party attackers who can reach an infected system can execute commands made available by the backdoor.
References: [MVID-2021-0226]
Trojan-Dropper.Win32.Googite.b / Unauthenticated Remote Command Execution - the malware listens on TCP ports 3388, 4488 and 10002 and drops executables under both Windows and SysWOW64 dirs. Third-party attackers who can reach infected systems can connect to port 10002 and run commands made available by the backdoor to retrieve information etc.
References: [MVID-2021-0254]
Trojan-Dropper.Win32.Krepper.a / Unauthenticated Remote Command Execution - the malware listens on TCP port 10002 and drops several executables under Windows dir. Third-party attackers who can reach infected systems can connect to port 10002 and run commands made available by the backdoor to retrieve information etc
References: [MVID-2021-0260]
Backdoor.Win32.Avstral.e / Unauthenticated Remote Command Execution - the malware listens on TCP port 10002. Third-party adversaries who can reach an infected host can run commands made available by the backdoor.
References: [MVID-2022-0529]
SCP Configuration Port (IANA official) |
| 10003 |
tcp |
veeam |
Premium scan |
Veeam Backup and replication suite uses these ports, in addition to common 80, 443, etc.:
6160 TCP - Veeam installer service
6165 TCP - WAN accelerator
6180 TCP/UDP - Veeam cloud gateway
6169, 8190, 8191 TCP - used by SP backup server
10003 TCP - communication with Veeam backup service
The port is also used by ForeScout SecureConnector - a lightweight agent that creates a secure connection with the ForeScout CounterACT RemoteControl appliance and enables internet-based compliance management.
Lula trojan
|
| 10005 |
tcp |
trojan |
Premium scan |
OpwinTRojan
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp to obtain passwords of the device. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known
References: [CVE-2019-10921],[CVE-2019-10920], [CVE-2019-10919], [BID-108382]
A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0BA8 FS:01 to FS:06 / Firmware version V1.80.xx and V1.81.xx), SIEMENS LOGO!8 (6ED1052-xyy08-0BA0 FS:01 / Firmware version < V1.82.02). An attacker with network access to port 10005/tcp of the LOGO! device could cause a Denial-of-Service condition by sending specially crafted packets. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected service. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises availability of the targeted system. At the time of advisory publication no public exploitation of this security vulnerability was known.
References: [CVE-2019-6571]
A vulnerability has been identified in LOGO!8 BM (All versions). Unencrypted storage of passwords in the project could allow an attacker with access to port 10005/tcp to obtain passwords of the device. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known
References: [CVE-2019-10921]
A vulnerability has been identified in LOGO!8 BM (All versions). Project data stored on the device, which is accessible via port 10005/tcp, can be decrypted due to a hardcoded encryption key. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
References: [CVE-2019-10920], [BID-108382]
A vulnerability has been identified in LOGO!8 BM (All versions). Attackers with access to port 10005/tcp could perform device reconfigurations and obtain project files from the devices. The system manual recommends to protect access to this port. The security vulnerability could be exploited by an unauthenticated attacker with network access to port 10005/tcp. No user interaction is required to exploit this security vulnerability. The vulnerability impacts confidentiality, integrity, and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known.
References: [CVE-2019-10919] |
| 10006 |
tcp |
games |
not scanned |
Veeam Agent for Linux v.6 uses these ports:
137-139, 445 tcp/udp - SMB(CIFS) shared folder
2500-3300 tcp - range of ports used for Veeam agent backup jobs
10006 tcp - backup server communication
10808 tcp - loopback port utilized for internal traffic only
Game: Dungeon Fighter Online, developer: Neople |
| 10007 |
tcp |
games |
not scanned |
RF Online |
| 10008 |
tcp |
worm |
Premium scan |
In early 2001, many exploit scripts for DNS TSIG name overflow would place a root shell on this port.
Cheese Worm (2001) - spreads and scans other machines through port 10008/tcp.
LionWorm uses this port.
See also CERT: IN-2001-05
IANA registered for: Octopus Multiplexer
|
| 10009 |
tcp,udp |
applications |
not scanned |
IANA registered for: Cross Fire, a multiplayer online First Person Shooter |
| 10010 |
tcp |
rxapi |
not scanned |
ooRexx rxapi services |
| 10011 |
tcp |
applications |
Premium scan |
TeamSpeak 3 default serverquery port.
TS3 uses the following ports:
9987 UDP (default voice port)
10011 TCP (default serverquery port)
30033 TCP (default filetransfer port)
41144 TCP (default tsdns port)
TS3 also connects to: accounting.teamspeak.com:2008 (TCP for license checks) and weblist.teamspeak.com:2010 (UDP). TS3 weblist also uses ports 2011-2110 (UDP out, first available port in range).
|
| 10012 |
tcp |
apps |
Premium scan |
Absen's Android-based LED wall uses port 10012/tcp
Amanda trojan (2010) |
| 10013 |
tcp |
trojan |
Premium scan |
Amanda trojan |
| 10017 |
tcp,udp |
applications |
not scanned |
AIX,NeXT, HPUX-rexd daemon control |
| 10019 |
tcp,udp |
applications |
not scanned |
Revo DVRNS |
| 10020 |
tcp |
abb-hw |
not scanned |
Proofpoint (email protection service) uses port 10020 TCP to access their SaaS servers
IANA registered for: Hardware configuration and maintenance |
| 10022 |
tcp |
intouch |
not scanned |
Gecko In.Touch (also in.touch 2) spa controller |
| 10023 |
udp |
cefd-vmp |
not scanned |
Comtech EF-Data's Vipersat Management Protocol - a feature-rich, automated bandwidth, capacity, and network management system with a high degree of configuration automation. [Comtech] (IANA official) |
| 10024 |
tcp |
applications |
not scanned |
IANA registered for: Zimbra smtp [mta] - to amavis from postfix |
| 10025 |
tcp |
applications |
not scanned |
IANA registered for: Ximbra smtp [mta] - back to postfix from amavis |
| 10027 |
tcp |
trojans |
Premium scan |
W32.Mytob.JW@mm [Symantec-2005-100312-4423-99] (2005.10.03) - a mass-mailing worm with backdoor capabilities that lowers security settings on the compromised computer. Opens a backdoor and listens for remote commands on port 8000/tcp. Also uses port 10027/tcp to download a copy of the worm.
Default port for IBM WebSphere Portal Application Server Administrative Console |
| 10050 |
tcp,udp |
zabbix-agent |
not scanned |
Zabbix Agent (IANA official) |
| 10051 |
tcp,udp |
zabbix-trapper |
not scanned |
Zabbix Trapper (IANA official) |
| 10053 |
tcp,udp |
malware |
not scanned |
Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files.
References: [CVE-2022-46768] |
| 10055 |
tcp |
qptlmd |
not scanned |
Quantapoint FLEXlm Licensing Service |
| 10067 |
udp |
trojans |
not scanned |
Portal of Doom (coded in Visual Basic, 03.1999) is a popular remote access trojan that uses ports 3700/tcp, 9872-9875/tcp, 10067/udp, 10167/udp. |
| 10070 |
tcp,udp |
games |
not scanned |
Amplitude (PS2) uses ports 10070-10080, developer: Harmonix
Socom also uses ports 10070-10080 (TCP) |
| 10080 |
tcp |
trojans |
Premium scan |
Dogtag Certificate System authority uses port 9080 (ca) and port 9443 (secure ca) by default.
Dograg Certificate PKI Subsystems may also use:
DRM - ports 10080 (drm) and 10443 (drm secure)
OCSP - ports 11080 (ocsp) and 11443 (ocsp secure)
RA - ports 12888 (ra) and 12889 (ra secure)
TKS - ports 13080 (tks) and 13443 (tks secure)
TPS - ports (tps) 7888 and 7889 (tps secure)
Mydoom.B [Symantec-2004-012816-3647-99] (2004.01.28) - mass-mailing worm that opens a backdoor into the system. The backdoor makes use of TCP ports 80, 1080, 3128, 8080, and 10080.
IANA registered for: Amanda backup software |
| 10082 |
tcp |
trojans |
Premium scan |
W32.Mytob.CP@mm [Symantec-2005-052214-0509-99] (2005.05.22) - mass-mailing worm with backdoor capabilities. Uses its own SMTP engine, spreads by exploiting the MS Security Bulletin [MS04-011] vulnerability. Starts an FTP server on a random TCP port. Uses port 10082/tcp to download the worm as "bingoo.exe". |
| 10084 |
tcp,udp |
trojan |
not scanned |
Syphillis trojan |
| 10085 |
tcp |
trojans |
Premium scan |
W32.Mytob.BL@mm [Symantec-2005-042416-0006-99] (2005.04.24) - mass-mailing worm with backdoor capabilities. Connects to an IRC server on port 6667/tcp, opens a backdoor FTP server on port 10085.
Syphillis trojan horse also uses port 10085 (TCP). |
| 10086 |
tcp |
trojans |
Members scan |
Syphillis trojan, W32.Mytob |
| 10087 |
tcp |
trojans |
Members scan |
W32.Mytob.AD@mm [Symantec-2005-040800-3252-99] - mass-mailing worm with built-in SMTP engine. Spreads by exploiting the MS DCOM RPC vulnerability ([MS03-026]) and the MS Windows Local Security Authority Service Remote Buffer Overflow ([MS04-011]). Opens a backdoor on port 10087/tcp. Also connects to an IRC channel on the ircd.dists.com domain on port 6667 and listens for commands. Compromised PCs can be rebooted remotely, files can be downloaded/executed, and IRC commands can be performed. W32.Mytob.AA@mm [Symantec-2005-040421-3550-99] and W32.Mytob.AQ@mm [Symantec-2005-041112-3912-99] variants also open this port. W32.Mytob.IH@mm variant listens on port 31113/tcp. W32.Mytob.FP@mm opens backdoors on ports 10087/tcp and 12347/tcp. |
| 10089 |
tcp |
trojans |
Premium scan |
W32.Mytob.AR@mm [Symantec-2005-041116-0718-99] (2005.04.11) - mass-mailing worm with backdoor capabilities. Uses its own SMTP engine. Opens a backdoor on port 10089/tcp, and connects to an IRC server on port 8080. |
| 10090 |
tcp,udp |
games |
not scanned |
PlayLink online game |
| 10093 |
tcp,udp |
games |
not scanned |
Football Manager 2005 |
| 10094 |
tcp,udp |
games |
not scanned |
Football Manager 2005 |
| 10099 |
tcp |
trojans |
Premium scan |
W32.Mytob.FX@mm [Symantec-2005-062313-5401-99] - mass-mailing worm that opens a backdoor and listens for remote commands on port 36311/tcp, also runs an FTP server on port 10099/tcp. |
| 10100 |
tcp,udp |
trojans |
not scanned |
Backdoor.Ranky.O [Symantec-2004-122417-2948-99], Control Total, GiFt trojan, Scalper, Slapper
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated attacker to remotely execute arbitrary code.
References: [CVE-2023-1133] |
| 10101 |
tcp |
trojan |
Premium scan |
BrainSpy trojan |
| 10102 |
tcp |
backdoor |
Premium scan |
Backdoor.Staprew.B [Symantec-2005-050215-0935-99] (2005.05.02) - backdoor program, contacts the lowesapr.net domain on port 10102/tcp with the IP of the compromised computer and a number of the random tcp port of the backdoor.
Backdoor.Urat [Symantec-2003-063013-1558-99] (2003.06.30) - allows unauthorized access to an infected computer. This Trojan Horse opens port 10102 to communicate with the attacker.
Port is also IANA registered for eZproxy |
| 10102 |
udp |
playfi |
not scanned |
Play-Fi from DTS may broadcast on port 10102/UDP to discover speakers/devices. |
| 10103 |
tcp |
trojan |
Premium scan |
Backdoor.Tuimer [Symantec-2005-031715-1256-99] |
| 10104 |
udp |
trojans |
not scanned |
Backdoor.Lowtaper [Symantec-2004-101411-3637-99] - remote access trojan, affects Windows, uses ports 24681/tcp and 10104/udp |
| 10109 |
tcp |
vmware |
not scanned |
VMware vSphere vCenter Inventory Service Service Management
|
| 10110 |
tcp,udp |
nmea-0183 |
not scanned |
Backdoor.Win32.Prexot.a / Authentication Bypass - the malware listens on random high TCP ports e.g 11404, 19545, 17001, 10110. Third-party attackers who can reach an infected system can logon using any username/password combination.
References: [MVID-2022-0484]
Backdoor.Win32.Prexot.a / Port Bounce Scan (MITM) - the malware listens on random high TCP ports e.g 11404, 19545, 17001, 10110 and accepts any credentials. Third-party intruders who successfully logon can abuse the backdoor FTP server as a man-in-the-middle machine allowing PORT Command bounce scan attacks using Nmap. This vulnerability allows remote attackers to abuse your system and discreetly conduct network port scanning. Victims will then think these scans are originating from the infected system running the afflicted malware FTP Server and not you.
References: [MVID-2022-0485]
NMEA-0183 Navigational Data (IANA official) |
| 10111 |
udp |
nmea-onenet |
not scanned |
NMEA OneNet multicast messaging [National Marine Electronics Association] (IANA official) |
| 10111 |
tcp |
vmware |
not scanned |
VMware vSphere vCenter Inventory Service Linked Mode Communication |
| 10113 |
tcp,udp |
netiq-endpoint |
not scanned |
NetIQ Endpoint (IANA official) |
| 10114 |
tcp,udp |
netiq-qcheck |
not scanned |
NetIQ Qcheck (IANA official) |
| 10115 |
tcp,udp |
netiq-endpt |
not scanned |
NetIQ Endpoint (IANA official) |
| 10116 |
tcp,udp |
netiq-voipa |
not scanned |
NetIQ VoIP Assessor (IANA official) |
| 10117 |
tcp,udp |
iqrm |
not scanned |
NetIQ IQCResource Managament Svc (IANA official) |
| 10123 |
tcp |
sccm |
not scanned |
SCCM (System Center Configuration Manager) Microsoft software management suite uses port 10123 for client notifications |
| 10128 |
tcp |
applications |
not scanned |
Stack-based buffer overflow in bgs_sdservice.exe in BMC Patrol PerformAgent allows remote attackers to execute arbitrary code by connecting to TCP port 10128 and sending certain XDR data, which is not properly parsed.
References: [CVE-2007-2136], [BID-23557]
Port is also IANA registered for BMC-Perform-Service Daemon |
| 10129 |
tcp |
bmc-gms |
not scanned |
BMC General Manager Server |
| 10137 |
udp |
applications |
not scanned |
Avaya WinPDM is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the MwpCsi.exe service. By sending an overly long string to UDP port 10137, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
References: [XFDB-67604] [BID-47947] |
| 10138 |
udp |
applications |
not scanned |
Avaya WinPDM is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by PMServer.exe service. By sending an overly long string to UDP port 10138, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
References: [XFDB-67605], [BID-47947] |
| 10155 |
tcp |
rsync |
not scanned |
Plesk rsync custom migrator service for misc tasks (Windows only) uses port 10155/tcp |
| 10156 |
tcp |
rsync |
not scanned |
Plesk rsync server migration (Windows only) uses port 10156/tcp |
| 10161 |
tcp |
snmptls |
not scanned |
SNMP-TLS [RFC 6353] (IANA official) |
| 10161 |
udp |
snmpdtls |
not scanned |
SNMP-DTLS [RFC6353] (IANA official) |
| 10167 |
udp |
trojans |
not scanned |
Portal of Doom (coded in Visual Basic, 03.1999) is a popular remote access trojan that uses ports 3700/tcp, 9872-9875/tcp, 10067/udp, 10167/udp. |
| 10168 |
tcp |
trojans |
Premium scan |
W32.HLLW.Lovgate [Symantec-2003-021916-4352-99] - a worm with backdoor trojan capabilities. Affects all current Windows versions. |
| 10172 |
tcp |
applications |
not scanned |
Intuit Quickbooks client |
| 10194 |
tcp |
twilio |
not scanned |
Twilio Client WebRTC uses port 10194 TCP for signaling to chunderm.gll.twilio.com
|
| 10196 |
udp |
games |
not scanned |
Tom Clancy's Splinter Cell: Conviction, developer: Ubisoft Montreal |
| 10200 |
tcp,udp |
trisoap |
not scanned |
NetFone, FRISK Software International's fpscand virus scanning daemon for Unix platforms (TCP)
A flaw exists in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthenticated, remote attacker can exploit this issue, via a specially crafted message, to terminate ttmd.exe.
References: [CVE-2020-5778], [CVE-2020-5779]
Trigence AE Soap Service (IANA official) |
| 10201 |
tcp |
rsms |
not scanned |
Remote Server Management Service, FRISK Software International's f-protd virus scanning daemon for Unix platforms |
| 10201 |
udp |
rscs |
not scanned |
Remote Server Control and Test Service (IANA official) |
| 10212 |
tcp |
applications |
not scanned |
Multiple buffer overflows in CimWebServer.exe in the WebView component in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.0 SIM 27, 8.1 before SIM 25, and 8.2 before SIM 19, and Proficy Process Systems with CIMPLICITY, allow remote attackers to execute arbitrary code via crafted data in packets to TCP port 10212, aka ZDI-CAN-1621 and ZDI-CAN-1624.
References: [CVE-2013-2785]
Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE Intelligent Platforms Proficy HMI/SCADA - CIMPLICITY before 8.2 SIM 24, and Proficy Process Systems with CIMPLICITY, allows remote attackers to execute arbitrary code via a crafted message to TCP port 10212, aka ZDI-CAN-1623.
References: [CVE-2014-0751], [BID-65117] |
| 10241 |
tcp |
games |
not scanned |
Aion |
| 10243 |
tcp,udp |
wmp |
not scanned |
Windows Media Player Network Sharing Service |
| 10250 |
tcp,udp |
applications |
not scanned |
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.
References: [CVE-2020-8551]
A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated `/exec` requests to execute arbitrary commands within running containers. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
References: [CVE-2021-20198] |
| 10253 |
udp |
eapol-relay |
not scanned |
Relay of EAPOL frames (IANA official) |
| 10255 |
tcp,udp |
applications |
not scanned |
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.
References: [CVE-2020-8551] |
| 10261 |
tcp |
tile-ml |
not scanned |
IANA registered for: Tile remote machine learning |
| 10301 |
tcp |
applications |
not scanned |
VoiceIP-ACS UMP default device provisioning endpoint |
| 10302 |
tcp |
applications |
not scanned |
VoiceIP-ACS UMP default device provisioning endpoint (SSL) |
| 10308 |
tcp,udp |
applications |
not scanned |
Lock On
DCS Black Shark
Digital Combat Simulator Dedicated Server |
| 10426 |
tcp |
applications |
not scanned |
Backdoor.Win32.Agent.cu / Authentication Bypass RCE - the malware listens on TCP ports 10426, 56185. Third-party attackers who can reach infected systems can logon using any username/password combination. Intruders may then upload executables using ftp PASV, STOR commands, this can result in remote code execution.
References: [MVID-2021-0303] |
| 10439 |
udp |
bngsync |
not scanned |
BalanceNG session table synchronization protocol - a Software IP Load Balancing Solution utilising its own network stacks and functionality. [Inlab_Software_GmbH] (IANA official) |
| 10443 |
tcp,udp |
dogtag |
Premium scan |
Commonly used as an alternate SSL port.
VMware vSphere vCenter Inventory Service HTTPS
Fortinet SSL VPN default alternate port
Dogtag Certificate System authority uses port 9080 (ca) and port 9443 (secure ca) by default.
Dograg Certificate PKI Subsystems may also use:
DRM - ports 10080 (drm) and 10443 (drm secure)
OCSP - ports 11080 (ocsp) and 11443 (ocsp secure)
RA - ports 12888 (ra) and 12889 (ra secure)
TKS - ports 13080 (tks) and 13443 (tks secure)
TPS - ports (tps) 7888 and 7889 (tps secure)
IANA registered for: CirrosSP Workstation Communication (TCP) |
| 10468 |
udp |
applications |
not scanned |
Flyer - discovery protocol |
| 10480 |
udp |
games |
not scanned |
Swat 4 |
| 10481 |
udp |
games |
not scanned |
Swat 4 |
| 10482 |
udp |
games |
not scanned |
Swat 4 |
| 10483 |
udp |
games |
not scanned |
Swat 4 |
| 10498 |
udp |
trojan |
not scanned |
Mstream trojan
DDOS Communication also uses this port |
| 10500 |
udp |
hip-nat-t |
not scanned |
HIP NAT-Traversal [RFC 5770] (IANA official) |
| 10500 |
tcp |
worm |
Premium scan |
Dark Ages of Camelot game uses TCP ports 1280,10500,10622 TCP and a dynamic UDP port (1024-65535 range)
W32.Linkbot.H [Symantec-2005-011210-3257-99] (2005.01.12) - a worm that exploits the Microsoft Windows LSASS Buffer Overrun Vulnerability (Microsoft Security Bulletin [MS04-011]) in order to propagate. It also creates a back door on the system accessible through IRC. |
| 10514 |
udp |
applications |
not scanned |
A vulnerability has been reported in WinSyslog, which can be exploited to cause a DoS (Denial of Service) on a vulnerable syslog server.
The vulnerability is caused due to an error when the interactive syslog server receives and displays syslog events. This can be exploited by sending UDP datagrams containing arbitrary, overly large amounts of data to the interactive server (default port 10514/udp), which will cause it to freeze and halt the OS.
References: [SECUNIA-10004] |
| 10520 |
tcp |
trojan |
Premium scan |
Acid Shivers trojan |
| 10528 |
tcp |
trojan |
Premium scan |
Host Control trojan |
| 10529 |
tcp,udp |
applications |
not scanned |
Buzz 3D VideoChat |
| 10532 |
udp |
games |
not scanned |
Commandos 3: Destination Berlin |
| 10548 |
tcp |
serverdocs |
not scanned |
Apple Document Sharing (IANA official) |
| 10554 |
tcp |
applications |
not scanned |
On Wireless IP Camera (P2P) WIFICAM devices, an attacker can use the RTSP server on port 10554/tcp to watch the streaming without authentication via tcp/av0_1 or tcp/av0_0.
References: [CVE-2017-8223], [XFDB-125410] |
| 10578 |
tcp |
games |
not scanned |
Skyrim Together multiplayer server for the The Elder Scrolls V: Skyrim mod. |
| 10600 |
tcp,udp |
applications |
not scanned |
OpenWengo |
| 10602 |
tcp,udp |
applications |
not scanned |
OpenWengo |
