Shortcuts
|
Vulnerable Ports
This list (a very small part of our SG Ports database) includes TCP/UDP ports currently tested by our Security Scanner, and corresponding potential security threats.
We update the list on a regular basis, however if you feel we should add other port(s) to the list or modify their descriptions, please .
Any feedback and suggestions can also be posted to our Security forum.
| Port(s) |
Protocol |
Service |
Scan level |
Description |
| 29984 |
tcp |
trojan |
Premium scan |
Trojan Spirit 2001a |
| 29999 |
tcp |
trojans |
Premium scan |
Backdoor.AntiLam [Symantec-2002-060715-0902-99], a.k.a. AntiLamer backdoor - remote access trojan, affects Windows, listens on TCP ports 29559 and 47891, may also use port 29999.
Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, CB3 SW Version 3.0 and upwards, e-series SW Version 5.0 and upwards expose a service called DashBoard server at port 29999 that allows for control over core robot functions like starting/stopping programs, shutdown, reset safety and more. The DashBoard server is not protected by any kind of authentication or authorization.
References: [CVE-2020-10265], [XFDB-179125]
IANA registered for: Data exchange protocol for IEC61850 in wind power plants [DEIF_AS] |
| 30000 |
tcp |
trojans |
Premium scan |
Pokemon Netbattle
GnomeMeeting (audio and videoconference) uses ports 30000-30010
Infector trojan (1999-04) - affects Windows 9x (ICQ). Uses ports 146, 1208, 17569, 24000, 30000
Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000.
References: [CVE-2009-4988], [BID-35933]
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new Kubernetes Deployment running arbitrary code. If minikube mount is in use, the attacker could also directly access the host filesystem.
References: [CVE-2018-1002103]
ndmps - Secure Network Data Management Protocol (IANA official) |
| 30000 |
udp |
applications |
not scanned |
Xlink Kai
Minetest server default port |
| 30001 |
tcp |
trojans |
Members scan |
Err0r32 (ErrOr32), Terr0r32 (TerrOr32) trojans
W32.Gaobot.ADX [Symantec-2004-042412-3100-99] (2004.04.24) - Windows worm that spreads through a few different methods, including open network shares, several known Windows vulnerabilities, and other backdoors like Beagle and Mydoom. Listens on these TCP ports: 63000 (HTTP), 63001 (HTTPS), 30001 (SOCKS proxy), and a FTP server on a random port.
In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained.
References: [CVE-2018-10635], [BID-104710] |
| 30002 |
udp |
games |
not scanned |
Colin McRae DiRT
In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained.
References: [CVE-2018-10635], [BID-104710] |
| 30003 |
tcp |
trojan |
Premium scan |
Lamers Death trojan
tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service (daemon crash) via a crafted type_offset value in a TCP packet to port 30003.
References: [CVE-2012-0698]
In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained.
References: [CVE-2018-10635], [BID-104710] |
| 30004 |
udp |
amicon-fpsu-s |
not scanned |
CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards allow authenticated access to the RTDE (Real-Time Data Exchange) interface on port 30004 which allows setting registers, the speed slider fraction as well as digital and analog Outputs. Additionally unautheticated reading of robot data is also possible
References: [CVE-2020-10264], [XFDB-179124]
IANA registered for: Amicon FPSU-IP VPN |
| 30005 |
tcp |
trojans |
Members scan |
Port sometimes associated with TR-069 - application layer protocol for remote management of end-user devices. It is a bidirectional SOAP/HTTP-based protocol that provides communication between CPE devices and auto-configuration servers (ACS). It can be used by some modems, gateways, routers, VoIP phones, set-top boxes. TR-069 has some known exploits as demonstrated at the DEFCON22 conference. Cox Communcations reportedly uses this port.
If your modem/NAT router/gateway keeps this port open and you are sure you want to filter it (potential interference with ISPs pushing firmware updates), try the following. Navigate to your router's admin interface and disable TR-069. If that does not work, look under "port forwarding", or "virtual servers", and forward port 30005 to an unused local IP address, like (192.168.1.252)
Malware using this port: Backdoor JZ, Litmus trojan
Trojan-Dropper.Win32.Delf.xk / Remote Invalid Pointer Write DOS - Win32.Delf.xk drops server.exe in AppData\Local\Temp dir and listens on TCP ports 30005,30006 and 30007. Netcat to port 30005 and input the number 9 it trys to create a file, number 2 for read file and 3 for opening a file but errors out.
References: [MVID-2021-0130] |
| 30006 |
tcp |
malware |
not scanned |
Trojan-Dropper.Win32.Delf.xk / Remote Invalid Pointer Write DOS - Win32.Delf.xk drops server.exe in AppData\Local\Temp dir and listens on TCP ports 30005,30006 and 30007. Netcat to port 30005 and input the number 9 it trys to create a file, number 2 for read file and 3 for opening a file but errors out.
References: [MVID-2021-0130] |
| 30007 |
tcp |
malware |
not scanned |
Trojan-Dropper.Win32.Delf.xk / Remote Invalid Pointer Write DOS - Win32.Delf.xk drops server.exe in AppData\Local\Temp dir and listens on TCP ports 30005,30006 and 30007. Netcat to port 30005 and input the number 9 it trys to create a file, number 2 for read file and 3 for opening a file but errors out.
References: [MVID-2021-0130] |
| 30010 |
tcp |
applications |
not scanned |
GnomeMeeting (audio and videoconference) uses ports 30000-30010 |
| 30020 |
tcp |
ushare |
not scanned |
Opened by uShare, for Coherence (http://coherence.beebits.net/) |
| 30024 |
tcp |
applications |
not scanned |
Alcatel-Lucent OmniVista 8770 2.0 through 3.0 exposes different ORBs interfaces, which can be queried using the GIOP protocol on TCP port 30024. An attacker can bypass authentication, and OmniVista invokes methods (AddJobSet, AddJob, and ExecuteNow) that can be used to run arbitrary commands on the server, with the privilege of NT AUTHORITY\SYSTEM on the server. NOTE: The discoverer states "The vendor position is to refer to the technical guidelines of the product security deployment to mitigate this issue, which means applying proper firewall rules to prevent unauthorised clients to connect to the OmniVista server."
References: [CVE-2016-9796], [BID-94649], [EDB-40862] |
| 30029 |
tcp |
trojan |
Members scan |
AOL Trojan (aliases: AOL Admin, Backdoor.Cheeser) |
| 30033 |
tcp |
teamspeak |
not scanned |
Teamspeak 3 default file transfer port.
TS3 uses the following ports:
9987 UDP (default voice port)
10011 TCP (default serverquery port)
30033 TCP (default filetransfer port)
41144 TCP (default tsdns port)
TS3 also connects to: accounting.teamspeak.com:2008 (TCP for license checks) and weblist.teamspeak.com:2010 (UDP). TS3 weblist also uses ports 2011-2110 (UDP out, first available port in range).
|
| 30100-30103 |
tcp |
trojan |
Members scan |
NetSphere trojan uses these ports.
30100 tcp - the main port that NetSphere connects to.
30101-30103 tcp - NetSphere runs FTP services on these ports, used to transfer various files (e.g. keylog files).
NetSphere infects only Windows 9x systems. A server program called nssx.exe is placed in the C:\Windows\System directory, a "NSSX" value is added to the Run hive of the registry to launch the server.
Port 30100 is IANA registered for Remote Window Protocol (TCP/SCTP) |
| 30110 |
tcp |
fivem |
not scanned |
FiveM Server (modification of GTA V) uses TCP ports 30120 and 30110. |
| 30120 |
tcp |
fivem |
not scanned |
FiveM Server (modification of GTA V) uses TCP ports 30120 and 30110. |
| 30129 |
tcp |
trojans |
Premium scan |
Masters Paradise backdoor (aliases: Backdoor.Krass, Hacker's Paradise) |
| 30133 |
tcp |
trojans |
Premium scan |
Trojan Spirit 2001a, NetSphere Final trojan |
| 30260 |
tcp,udp |
kingdomsonline |
not scanned |
Kingdoms Online (CraigAvenue), Company of Heroes: Opposing Fronts (UDP) |
| 30301 |
tcp,udp |
applications |
not scanned |
BitTorrent |
| 30303 |
tcp,udp |
Ethereum |
Premium scan |
Ethereum P2P cryptocurrency uses port 30303.
Common cryptocurrency ports (TCP typically):
Bitcoin: 8333
Litecoin: 9332,9333
Dash: 9999
Dogecoin: 22556
Ethereum: 30303
Trojans that use this port:
Sockets de Troie trojan. Typically uses ports 5000, 5001, 30303, and 50505 tcp. Includes remote administration tool like Back Orifice and NetBus, so it has a server (spread with virus) and client portion. |
| 30331 |
tcp |
trojan |
Premium scan |
MuSka52 trojan |
| 30350 |
udp |
games |
not scanned |
Supreme Commander |
| 30351 |
udp |
games |
not scanned |
Supreme Commander |
| 30400 |
tcp |
gs-realtime |
not scanned |
IANA registered for: GroundStar RealTime System |
| 30430 |
tcp,udp |
games |
not scanned |
Frontlines: Fuel of War, developer: THQ |
| 30440 |
tcp |
games |
not scanned |
FIFA Soccer 2009 uses ports 30440-30449 |
| 30449 |
tcp |
games |
not scanned |
FIFA Soccer 2009 uses ports 30440-30449 |
| 30464 |
tcp |
exploits |
Members scan |
Port used by Slapper trojan. A number of exploit scripts bind root shells to this port. See also SMTP ETRN overflow vulnerability. |
| 30477 |
tcp |
games |
not scanned |
F1 2002, GTR FIA GT Racing Game |
| 30544 |
tcp |
applications |
not scanned |
TL-MatrikonOPC is vulnerable to a denial of service. By sending a reset command to TCP port 30544, a remote attacker could exploit this vulnerability to cause the device to crash.
References: [CVE-2013-0666], [XFDB-83861], [BID-59535] |
| 30564 |
tcp |
applications |
not scanned |
Multiplicity: keyboard/mouse/clipboard sharing software |
| 30700 |
tcp |
trojan |
Premium scan |
Mantis trojan |
| 30718 |
udp |
applications |
not scanned |
Lantronix Discovery for Lantronix serial-to-ethernet devices |
| 30720 |
udp |
applications |
not scanned |
Tremulous |
| 30722 |
tcp |
trojans |
Premium scan |
W32.Esbot.A [Symantec-2005-081610-2800-99] - a worm that spreads by exploiting the Microsoft Windows Plug and Play Buffer Overflow Vulnerability (MS Security Bulletin [MS05-039]). Opens a backdoor and listens for remote commands by connecting to IRC servers on 30722/tcp (W32.Esbot.B [Symantec-2005-081716-4721-99] variant uses port 18067/tcp). |
| 30725 |
udp |
games |
not scanned |
Company Of Heroes |
| 30777 |
tcp |
applications |
not scanned |
ZangZing agent |
| 30888 |
|
applications |
not scanned |
Multiple stack-based buffer overflows in HttpUtils.dll in TVMOBiLi before 2.1.0.3974 allow remote attackers to cause a denial of service (tvMobiliService service crash) via a long string in a (1) GET or (2) HEAD request to TCP port 30888.
References: [CVE-2012-5451] |
| 30947 |
tcp |
trojan |
Premium scan |
Intruse trojan |
| 30974 |
tcp |
trojan |
Premium scan |
Intruse trojan |
| 30999 |
tcp |
trojans |
Premium scan |
Backdoor.Novacal [Symantec-2005-092910-5215-99] - a backdoor server that allows unauthorized access, uses ICQ to notify the remote attacker of the compromised computer. Opens a backdoor and listens for remote commands on port 30999/tcp.
Kuang2 trojan |
| 31000 |
tcp,udp |
applications |
not scanned |
OpCon/xps
Titan FTP server |
| 31016 |
tcp |
ka-sddp |
not scanned |
Hitachi JP1/IT Desktop Management 2 Agent 9 through 12 contains a remote code execution vulnerability because of an Integer Overflow. An attacker with network access to port 31016 may exploit this issue to execute code with unrestricted privileges on the underlying OS.
References: [CVE-2021-29644]
Kollective Agent Secure Distributed Delivery Protocol (IANA official) |
| 31016 |
udp |
ka-kdp |
not scanned |
IANA registered for: Kollective Agent Kollective Delivery Protocol |
| 31029 |
udp |
yawn |
not scanned |
YaWN - Yet Another Windows Notifier |
| 31038 |
tcp |
applications |
not scanned |
Diskeeper could allow a remote attacker to obtain sensitive information, caused by the improper handling of arguments by the DKService.exe service. By sending a specially-crafted RPC request to TCP port 31038, a remote attacker could exploit this vulnerability to obtain the address of loaded modules or other sensitive information.
References: [CVE-2007-4375], [XFDB-36008] |
| 31113 |
tcp |
worms |
Members scan |
W32.Mytob.IH@mm [Symantec-2005-072512-2831-99] mass-mailing worm that uses its own SMTP engine, opens a backdoor, and lowers security settings on the compromised computer. Opens a backdoor and listens for remote commands on port 31113/tcp. W32.Mytob.AD@mm and W32.Mytob.AA@mm variants of the worm listen to port 10087/tcp. |
| 31221 |
tcp |
trojan |
Premium scan |
Knark trojan |
| 31230 |
udp |
games |
not scanned |
Dirt Track Racing: Sprint Cars |
| 31240 |
tcp,udp |
games |
not scanned |
Dirt Track Racing: Sprint Cars |
| 31314 |
tcp |
applications |
not scanned |
Š•lectric imp node<>server communication (TLS) |
| 31320 |
tcp,udp |
trojan |
not scanned |
Little Witch trojan |
| 31332 |
tcp |
trojans |
Premium scan |
Backdoor.Grobodor [Symantec-2003-060916-4848-99] - backdoor trojan coded in Delphi, affects Windows, listens on port 31332/tcp. |
| 31335 |
udp |
trojan |
not scanned |
Trinoo distributed attack tool port. |
| 31336 |
tcp |
trojans |
Premium scan |
BOWhack, ButtFunnel trojans |
| 31337 |
tcp,udp |
Back Orifice |
Members scan |
This port number means "elite" in hacker/cracker spelling (3=E, 1=L, 7=T) and because of the special meaning is often used for interesting stuff... Many backdoors/trojans run on this port, the most notable being Back Orifice.
Here are some others that run on the same port: Back Fire, Baron Night, Beeone, BO client, BO Facil, BO spy, BO2, cron / crontab, Freak88, Freak2k, icmp_pipe.c, Sockdmini, ADMworm, bindshell, Elite, Gummo.
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
References: [CVE-2003-0719]
aMSN (aka Alvaro's Messenger) 0.96 and earlier allows remote attackers to cause a denial of service (application crash) by sending invalid data to TCP port 31337.
References: [CVE-2007-2195] [BID-23583] [OSVDB-39116]
Stack-based buffer overflow in the pr_ctrls_recv_request function in ctrls.c in the mod_ctrls module in ProFTPD before 1.3.1rc1 allows local users to execute arbitrary code via a large reqarglen length value.
References: [CVE-2006-6563], [EDB-3333], [EDB-3330], [BID-21587]
Backdoor.Win32.Small.vjt / Unauthenticated Remote Command Execution - the malware listens on TCP port 31337. Third-party attackers who can reach the system can execute OS commands or programs further compromising the already infected machine.
References: [MVID-2021-0337]
.Net Remoting, Terraria, ncat, a netcat alternative
Eldim is a secure file upload proxy (IANA official) |
| 31338 |
tcp,udp |
trojans |
Premium scan |
Back Orifice, ButtFunnel, DeepBO, NetSpy DK trojans |
| 31339 |
tcp |
trojans |
Premium scan |
LittleWitch, Net Spy |
| 31340 |
tcp,udp |
trojan |
not scanned |
Little Witch trojan |
| 31382 |
tcp |
trojan |
Premium scan |
Lithium trojan |
| 31399 |
tcp |
trojan |
Premium scan |
NetSpy (DK) trojan |
| 31400 |
tcp |
pace-licensed |
not scanned |
PACE license server [PACE_Anti-Piracy] (IANA official) |
| 31415 |
tcp |
trojan |
Premium scan |
ThoughtSignal - Server Communication Service (often Informational)
Lithium trojan |
| 31416 |
tcp,udp |
trojan |
not scanned |
Lithium trojan |
| 31435 |
|
games |
not scanned |
Arcanum, Arcanum Won.net |
| 31438 |
tcp |
applications |
not scanned |
Rocket U2 |
| 31439 |
tcp |
trojans |
Premium scan |
Trojan.Tatanarg.B [Symantec-2012-051102-1813-99] - a trojan horse that attempts to steal information from the compromised computer, opens backdoor on port 31439/tcp. |
| 31456 |
tcp |
applications |
not scanned |
TetriNET IRC gateway on some servers |
| 31457 |
tcp,udp |
applications |
not scanned |
Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname.
References: [CVE-1999-1060]
TetriNET Protocol (IANA official) |
| 31458 |
tcp |
applications |
not scanned |
TetriNET Used for game spectators |
| 31500 |
udp |
applications |
not scanned |
Kingpin: Life of Crime, developer: Xatrix Entertainment/Gray Matter Interactive |
| 31510 |
tcp,udp |
KingPin |
not scanned |
KingPin |
| 31554 |
tcp |
trojan |
Premium scan |
Schwindler trojan horse |
| 31556 |
tcp |
malware |
not scanned |
Backdoor.Win32.Zdemon.10 / Unauthenticated Remote Command Execution - Zdemon malware listens on TCP ports 31556, 6051. Third-party attackers who can reach infected systems can execute commands made available by the backdoor.
References: [MVID-2021-0313] |
| 31557 |
tcp |
trojans |
Premium scan |
NetBus, Xanadu |
| 31564 |
tcp |
proxy |
Premium scan |
Fiddler Core (a .Net class library for C# apps) - insecure default flag leads to Open Proxy Issue. Kantai Collection game (KanColleViewer utility app) uses Fiddler Core library to open a web proxy on port 37564 TCP.
Reference: [CVE-2015-2947] |
| 31620 |
tcp,udp |
lm-mon |
not scanned |
lm mon [System Administrator] (IANA official) |
| 31631 |
tcp |
trojan |
Premium scan |
CleptoManicos trojan |
| 31666 |
tcp |
trojan |
Premium scan |
BOWhack, BOWackmole trojans |
| 31693 |
tcp |
trojans |
Premium scan |
Backdoor.Turkojan [Symantec-2003-032816-3726-99] (2003.03.28) - a backdoor trojan that gives an attacker unauthorized access to a compromised computer. By default is opens port 31693/tcp. |
| 31745 |
tcp |
trojan |
Premium scan |
BuschTrommel trojan
Backdoor.Win32.Bushtrommel.122 / Authentication Bypass - the malware listens on TCP port 31745 runs an ftp server on port 1030. Attackers who can reach infected systems can logon using any username/password combination. Intruders may then upload executables using ftp PASV, STOR commands.
References: [MVID-2022-0629]
Backdoor.Win32.Bushtrommel.122 / Unauthenticated Remote Command Execution - the malware listens on TCP port 31745 and 1030. Adversaries who can reach infected hosts can run commands made available by the backdoor. The "*RUN" command calls CreateProcess() based on CL input, errors will result in a pop up dialog on the infected host:
"CreateProcess() in function () GetConsoleOuput() failed!". Correct syntax is as follows *RUN"calc.exe", successful code execution results in the response "*EVA*" from the backdoored host.
References: [MVID-2022-0630] |
| 31778 |
tcp |
trojans |
not scanned |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31785 |
tcp |
trojan |
Premium scan |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31787 |
tcp |
trojan |
Members scan |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31787 |
tcp |
trojan |
Premium scan |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31788 |
tcp |
trojan |
Premium scan |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31789 |
udp |
hackatack |
not scanned |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31790 |
udp |
hackattack |
not scanned |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31791 |
udp |
trojan |
not scanned |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31792 |
tcp |
trojan |
Premium scan |
Hack 'a' Tack trojan - affects Windows, communicates over TCP ports 31778, 31785, 31787 and UDP ports 31788, 31789, 31790, 31791, 31792 by default. |
| 31880 |
tcp |
tablo |
not scanned |
Tablo Connect (TV streaming) uses the following ports: TCP 21030, 21031, 21032.
Tablo can instead use the following set of ports: TCP 31887, 31880, 31883 (3188x public/WAN ports are mapped to different private/LAN ports as follows: 31887 WAN -> 8887 LAN, 31880 WAN -> 80 LAN, 31883 WAN -> 443 LAN). |
| 31883 |
tcp |
tablo |
not scanned |
Tablo Connect (TV streaming) uses the following ports: TCP 21030, 21031, 21032.
Tablo can instead use the following set of ports: TCP 31887, 31880, 31883 (3188x public/WAN ports are mapped to different private/LAN ports as follows: 31887 WAN -> 8887 LAN, 31880 WAN -> 80 LAN, 31883 WAN -> 443 LAN). |
| 31887 |
tcp |
tablo |
Premium scan |
Tablo Connect (TV streaming) uses the following ports: TCP 21030, 21031, 21032.
Tablo can instead use the following set of ports: TCP 31887, 31880, 31883 (3188x public/WAN ports are mapped to different private/LAN ports as follows: 31887 WAN -> 8887 LAN, 31880 WAN -> 80 LAN, 31883 WAN -> 443 LAN).
Malware that uses this port: BDDT trojan |
| 31889 |
tcp |
trojan |
Premium scan |
BDDT trojan |
| 31999 |
tcp,udp |
applications |
not scanned |
An issue was found in Apache IoTDB .9.0 to 0.9.1 and 0.8.0 to 0.8.2. When starting IoTDB, the JMX port 31999 is exposed with no certification.Then, clients could execute code remotely.
References: [CVE-2020-1952], [XFDB-180823] |
| 32000 |
tcp |
applications |
Members scan |
Merak WebMail server
Mercur Messaging
Java Wrapper Service
BDDT trojan
Artisoft XtraMail DoS vulnerability - control port can be overflown with long usernames. [BID-791]
Multiple buffer overflows in MERCUR Messaging 2005 before Service Pack 4 allow remote attackers to cause a denial of service (crash) via (1) "long command lines at port 32000" and (2) certain name service queries that are not properly handled by the SMTP service.
References: [CVE-2006-7038] [BID-18462] [SECUNIA-20432]
The (1) function.php or (2) function.view.php scripts in Merak Mail Server 5.2.7 allow remote attackers to read arbitrary PHP files via a direct HTTP request to port 32000.
References: [CVE-2004-1721] [BID-10966] [OSVDB-9045] [SECUNIA-12269] |
Vulnerabilities listed: 100 (some use multiple ports)
|
