182.239.84.18
{
"scan_id": 1769233337,
"ip": "182.239.84.18",
"is_ipv4": true,
"is_ipv6": false,
"location": {
"network": "182.239.84.0/22",
"postal_code": "",
"coordinates": {
"latitude": "22.2578",
"longitude": "114.1657"
},
"geo_point": "22.2578, 114.1657",
"locale_code": "en",
"continent": "Asia",
"country_code": "HK",
"country_name": "Hong Kong",
"city": ""
},
"location_updated_at": "2026-01-30T12:41:21Z",
"asn": {
"number": "AS9231",
"organization": "China Mobile Hong Kong Company Limited",
"country_code": ""
},
"asn_updated_at": "0001-01-01T00:00:00Z",
"whois": {
"network": "182.239.84.0/23",
"organization": "China Mobile Hong Kong Company Limited",
"descr": "China Mobile Hong Kong Company Limited,\nLevel 20, Tower 1, Kowloon Commerce Centre,\nNo 51, Kwai Cheong Road,\nKwai Chung",
"_encoding": {
"raw": "BASE64"
}
},
"whois_updated_at": "2024-12-09T11:27:51Z",
"tags": [
{
"name": "is_anonymous_proxy",
"pretty_name": "Anonymous Proxy",
"value": false,
"last_updated_at": "2026-01-30T12:41:21Z"
},
{
"name": "is_cdn",
"pretty_name": "CDN",
"value": false,
"last_updated_at": "2026-01-30T15:13:45Z"
},
{
"name": "is_satellite_provider",
"pretty_name": "Satellite Provider",
"value": false,
"last_updated_at": "2026-01-30T12:41:21Z"
}
],
"hostnames": [
{
"name": "182.239.84.18.hk.chinamobile.com",
"last_updated_at": "2026-01-30T15:13:45Z"
}
],
"services": [
{
"port": 22,
"protocol": "tcp",
"name": "ssh",
"version": "",
"product": "Dropbear sshd",
"extra_info": "protocol 2.0",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:matt_johnston:dropbear_ssh_server",
"part": "a",
"vendor": "matt_johnston",
"product": "dropbear_ssh_server",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:linux:linux_kernel",
"part": "o",
"vendor": "linux",
"product": "linux_kernel",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"ssh": {
"banner": "SSH-2.0-dropbear",
"client_to_server_ciphers": [
"aes128-ctr",
"aes256-ctr",
"twofish256-ctr",
"twofish128-ctr",
"aes128-cbc",
"aes256-cbc",
"twofish256-cbc",
"twofish-cbc",
"twofish128-cbc",
"3des-ctr",
"3des-cbc"
],
"client_to_server_compression": [
"none"
],
"client_to_server_macs": [
"hmac-sha1-96",
"hmac-sha1",
"hmac-sha2-256",
"hmac-md5"
],
"host_key_algorithms": [
"ssh-rsa"
],
"kex_algorithms": [
"[email protected]",
"diffie-hellman-group14-sha1",
"diffie-hellman-group1-sha1",
"[email protected]"
],
"key": {
"algorithm": "ssh-rsa",
"fingerprint_sha256": "32d9a40cd11eb9345bc1624e48641078a2311df91fdc04a37e415d9005d95330"
},
"server_to_client_ciphers": [
"aes128-ctr",
"aes256-ctr",
"twofish256-ctr",
"twofish128-ctr",
"aes128-cbc",
"aes256-cbc",
"twofish256-cbc",
"twofish-cbc",
"twofish128-cbc",
"3des-ctr",
"3des-cbc"
],
"server_to_client_compression": [
"none"
],
"server_to_client_macs": [
"hmac-sha1-96",
"hmac-sha1",
"hmac-sha2-256",
"hmac-md5"
],
"software": "dropbear",
"version": "2.0"
}
},
"cve": [
{
"id": "CVE-1999-0431",
"severity": "medium"
},
{
"id": "CVE-1999-0656",
"severity": "medium"
},
{
"id": "CVE-1999-1285",
"severity": "low"
}
],
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-26T11:01:58.838Z"
},
{
"port": 80,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "OpenWrt uHTTPd",
"extra_info": "",
"tunnel": "",
"softwares": [
{
"uri": "cpe:/a:openwrt:uhttpd",
"part": "a",
"vendor": "openwrt",
"product": "uhttpd",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:linux:linux_kernel",
"part": "o",
"vendor": "linux",
"product": "linux_kernel",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -430171617,
"body_sha256": "85e61a746839c7687d5b9d8825183ab8eb9ba49854db2871eb44c604852f4ade",
"content_length": 597436,
"headers": {
"connection": [
"Keep-Alive"
],
"content_length": [
"597436"
],
"content_type": [
"text/html"
],
"date": [
"Fri, 30 Jan 2026 02:34:04 GMT"
],
"etag": [
"\"e87-91dbc-656010d5\""
],
"last_modified": [
"Fri, 24 Nov 2023 02:56:21 GMT"
],
"unknown": [
{
"key": "keep_alive",
"value": [
"timeout=20"
]
}
]
},
"protocol": "HTTP/1.1",
"status_code": 200
}
},
"cve": [
{
"id": "CVE-1999-0431",
"severity": "medium"
},
{
"id": "CVE-1999-0656",
"severity": "medium"
},
{
"id": "CVE-1999-1285",
"severity": "low"
}
],
"url": "http://182.239.84.18/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-30T02:34:06.819Z"
},
{
"port": 443,
"protocol": "tcp",
"name": "http",
"version": "",
"product": "OpenWrt uHTTPd",
"extra_info": "",
"tunnel": "ssl",
"softwares": [
{
"uri": "cpe:/a:openwrt:uhttpd",
"part": "a",
"vendor": "openwrt",
"product": "uhttpd",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
},
{
"uri": "cpe:/o:linux:linux_kernel",
"part": "o",
"vendor": "linux",
"product": "linux_kernel",
"version": "ANY",
"language": "ANY",
"edition": "ANY",
"update": "ANY"
}
],
"modules": {
"http": {
"body_murmur": -430171617,
"body_sha256": "85e61a746839c7687d5b9d8825183ab8eb9ba49854db2871eb44c604852f4ade",
"content_length": 597436,
"headers": {
"connection": [
"Keep-Alive"
],
"content_length": [
"597436"
],
"content_type": [
"text/html"
],
"date": [
"Thu, 29 Jan 2026 15:19:03 GMT"
],
"etag": [
"\"e87-91dbc-656010d5\""
],
"last_modified": [
"Fri, 24 Nov 2023 02:56:21 GMT"
],
"unknown": [
{
"key": "keep_alive",
"value": [
"timeout=20"
]
}
]
},
"protocol": "HTTP/1.1",
"status_code": 200
},
"tls": {
"certificate": {
"extensions": {
"authority_key_id": "9b123eb0b24db4391f54f37498ddc2877d0cb01f",
"basic_constraints": {
"is_ca": true
},
"subject_key_id": "9b123eb0b24db4391f54f37498ddc2877d0cb01f"
},
"fingerprint_md5": "B7B3843416C1B00AA16364416B49BDE4",
"fingerprint_sha1": "D29281F1923C8F0EC8862BC6055B17C06257CCCA",
"fingerprint_sha256": "8BA376F0CEDFC4281785C2610B26A44D035F976E1710519821CCD5D067E47EE6",
"issuer": {
"common_name": [
"LEDE"
],
"country": [
"ZZ"
],
"locality": [
"Unknown"
],
"organization": [
"LEDE13663024"
],
"province": [
"Somewhere"
]
},
"jarm": "",
"redacted": false,
"revocation": {
"ocsp": {
"reason": "UNKNOWN",
"revoked": false
}
},
"serial_number": "2284337193138115241",
"signature": {
"algorithm": {
"name": "SHA256-RSA",
"oid": "1.2.840.113549.1.1.11"
},
"self_signed": true
},
"subject": {
"common_name": [
"LEDE"
],
"country": [
"ZZ"
],
"locality": [
"Unknown"
],
"organization": [
"LEDE13663024"
],
"province": [
"Somewhere"
]
},
"subject_alt_name": {
"dns_names": [
"LEDE"
],
"extended_dns_names": []
},
"subject_key_info": {
"_key": "rsa",
"dh": [],
"dsa": [],
"ecdsa": [],
"fingerprint_sha256": "c3bcc0ef0614af14d45b14d1b15d55cdb2021205cb5ab3f317fc368b937befda",
"key_algorithm": "RSA",
"rsa": {
"exponent": 65537,
"length": 2048
}
},
"tbs_fingerprint": "8dc556cf03d6b7a99239cb373ba1ae4dcf90e3f3e99fc404c1abc8db3073a21a",
"validation_level": "OV",
"validity": {
"length_seconds": 63072000,
"not_after": "2025-11-28T06:31:12",
"not_before": "2023-11-29T06:31:12"
},
"version": 2
},
"fingerprint_sha256": "8BA376F0CEDFC4281785C2610B26A44D035F976E1710519821CCD5D067E47EE6",
"precert": false,
"tags": [
"ov",
"trusted",
"self_signed",
"root"
]
}
},
"cve": [
{
"id": "CVE-1999-0431",
"severity": "medium"
},
{
"id": "CVE-1999-0656",
"severity": "medium"
},
{
"id": "CVE-1999-1285",
"severity": "low"
}
],
"url": "https://182.239.84.18/",
"_meta": {
"name": "",
"desc": "",
"category": ""
},
"last_updated_at": "2026-01-31T00:56:17.011Z"
}
],
"services_hash": "661d787a7aa82f4f7dd88477d713e69ca6db88ef69e3aa27a2f0cc29063bf98a",
"last_updated_at": "2026-01-31T00:56:17.011Z",
"banner": [
"ssh",
"http",
"tls"
],
"is_vuln": true,
"cveDetails": {
"CVE-1999-0431": {
"id": "CVE-1999-0431",
"references": [
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0431"
],
"score": 5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "Linux 2.2.3 and earlier allow a remote attacker to perform an IP fragmentation attack, causing a denial of service.",
"vector_string": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-0656": {
"id": "CVE-1999-0656",
"references": [
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348",
"http://ca.com/au/securityadvisor/vulninfo/Vuln.aspx?ID=1638",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/348"
],
"score": 5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.",
"vector_string": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"weakness": "CWE-16"
},
"CVE-1999-1285": {
"id": "CVE-1999-1285",
"references": [
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472",
"http://marc.info/?l=bugtraq&m=91495921611500&w=2",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/1472"
],
"score": 2.1,
"services": [
"22/ssh"
],
"severity": "low",
"summary": "Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.",
"vector_string": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
"weakness": "NVD-CWE-Other"
},
"CVE-1999-1442": {
"id": "CVE-1999-1442",
"references": [
"http://uwsg.iu.edu/hypermail/linux/kernel/9805.3/0855.html",
"http://www.cs.helsinki.fi/linux/linux-kernel/Year-1998/1998-25/0816.html",
"http://www.securityfocus.com/bid/105"
],
"score": 7.2,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "Bug in AMD K6 processor on Linux 2.0.x and 2.1.x kernels allows local users to cause a denial of service (crash) via a particular sequence of instructions, possibly related to accessing addresses outside of segments.",
"vector_string": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"weakness": "NVD-CWE-Other"
},
"CVE-2022-3424": {
"id": "CVE-2022-3424",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html",
"https://bugzilla.redhat.com/show_bug.cgi?id=2132640",
"https://github.com/torvalds/linux/commit/643a16a0eb1d6ac23744bb6e90a00fc21148a9dc",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221019031445.901570-1-zyytlz.wz%40163.com/",
"https://security.netapp.com/advisory/ntap-20230406-0005/",
"https://www.spinics.net/lists/kernel/msg4518970.html"
],
"score": 7.8,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by the user, where a fail pass occurs in the gru_check_chiplet_assignment function. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2022-3707": {
"id": "CVE-2022-3707",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2137979",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html",
"https://lore.kernel.org/all/20221007013708.1946061-1-zyytlz.wz%40163.com/"
],
"score": 5.5,
"services": [
"22/ssh"
],
"severity": "medium",
"summary": "A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-460"
},
"CVE-2023-0030": {
"id": "CVE-2023-0030",
"references": [
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270",
"https://github.com/torvalds/linux/commit/729eba3355674f2d9524629b73683ba1d1cd3f10",
"https://security.netapp.com/advisory/ntap-20230413-0010/",
"https://bugzilla.redhat.com/show_bug.cgi?id=2157270"
],
"score": 7.8,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A use-after-free flaw was found in the Linux kernel’s nouveau driver in how a user triggers a memory overflow that causes the nvkm_vma_tail function to fail. This flaw allows a local user to crash or potentially escalate their privileges on the system.",
"vector_string": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-416"
},
"CVE-2023-1390": {
"id": "CVE-2023-1390",
"references": [
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/",
"https://gist.github.com/netspooky/bee2d07022f6350bb88eaa48e571d9b5",
"https://github.com/torvalds/linux/commit/b77413446408fdd256599daf00d5be72b5f3e7c6",
"https://infosec.exchange/%40_mattata/109427999461122360",
"https://security.netapp.com/advisory/ntap-20230420-0001/"
],
"score": 7.5,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "A remote denial of service vulnerability was found in the Linux kernel’s TIPC kernel module. The while loop in tipc_link_xmit() hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization for the system to instantly spike to 100%, causing a denial of service condition.",
"vector_string": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"weakness": "CWE-1050"
},
"CVE-2023-28466": {
"id": "CVE-2023-28466",
"references": [
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/",
"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit?id=49c47cc21b5b7a3d8deb18fc57b0aa2ab1286962",
"https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html",
"https://security.netapp.com/advisory/ntap-20230427-0006/"
],
"score": 7,
"services": [
"22/ssh"
],
"severity": "high",
"summary": "do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).",
"vector_string": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"weakness": "CWE-476"
}
}
}