CVE-2022-1388

[Spider777]

vuln-

https://210.73.215.99

https://210.73.215.98

https://123.59.7.251

https://210.73.215.100

https://40.88.23.120

https://123.59.7.252

https://122.2.165.154

https://203.66.172.249

https://203.66.172.250

https://103.209.41.58

https://218.95.231.99:5443

https://entry.jhzr.ios.01game.com

https://secure.akzonobel.com

http://secure.akzonobel.com

https://dmzlb.parker.com

http://dmzlb.parker.com

 

[LeaksPlus]

How did you find these ? are you into web hacking, whats your skills ?

 

[Spider777]

How did you find these ? are you into web hacking, whats your skills ?

Scanning potential targets

 

[Masamune]

Scanning potential targets

Maybe with https://en.fofa.info/ and https://www.shodan.io/? Any other good links and tools?

 

[bitmixlist]

I don't understand why these companies don't simply use a firewall to secure access to their control panels.

If they made an appropriate allow list of IPs, and enforced corporate VPN usage, then it would solve a lot of problems for them.

Now everyone can attack the login screens.

 

[LeaksPlus]

I don't understand why these companies don't simply use a firewall to secure access to their control panels.

If they made an appropriate allow list of IPs, and enforced corporate VPN usage, then it would solve a lot of problems for them.

Now everyone can attack the login screens.

I mean their stupidity is good for our profit haha