Threat Level: green Handler on Duty: Johannes Ullrich

SANS ISC: Port 52869 (tcp/udp) Attack Activity Port 52869 (tcp/udp) Attack Activity


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Loading...
[get complete service list]
Port Information
Protocol Service Name
tcp UPNP UPNP over SOAP
Top IPs Scanning
TodayYesterday
159.203.187.244 (871)159.203.187.244 (2068)
178.128.84.198 (333)178.128.84.198 (1327)
165.22.121.222 (165)165.22.121.222 (519)
85.187.4.9 (39)178.62.72.81 (235)
37.211.49.229 (38)209.97.143.222 (196)
209.97.143.222 (37)178.62.71.110 (117)
178.170.54.71 (36)85.66.47.175 (99)
178.62.72.81 (35)95.158.19.130 (88)
165.22.117.10 (32)165.22.117.10 (87)
85.66.47.175 (29)85.187.4.9 (86)
Port diary mentions
URL
When Cameras and Routers attack Phones. Spike in CVE-2014-8361 Exploits Against Port 52869
User Comments
Submitted By Date
Comment
Dr. J. 2018-08-01 15:20:39
Some devices receive UPNP requests on this port via SOAP. A common implementation is the "miniigd" server by Realtek. It has had some vulnerabilities in the past, including remote code execution issues.
Add a comment
CVE Links
CVE # Description
CVE-2014-8361 The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request.