Open Service Vulnerabilities

These Open Services are accessible to anyone on the internet and are responding to queries.

THE RISK: The vulnerabilities of these Open Services can be exploited by a remote user to use your internet connection to anonymously attack other devices or sites and servers across the internet.

The Open LDAP (TCP) Service is running on port 389/TCP and is accessible to anyone on the internet.

THE RISK: Hosts running LDAP using port 389/TCP are often Active Directory services. The data disclosed by the server resides on, making is vulnerable to attack.

The Open Cisco Smart Install Service is running and accessible to anyone on the internet.

THE RISK: This service doesn’t require authentication and could allow a remote user to obtain a copy of your device’s configuration file and upload an altered version or malicious software. 

The Open SERVER Message Block (SMB) Service is running on port 445/TCP and is accessible to anyone on the internet.

THE RISK: The SMB protocol is not protected and can be accessed openly by anyone to obtain stored files and sensitive information, resulting in vulnerability to brute force attacks, multiple exploits and/or the disclosure of confidential information.

The Open Virtual Network Computing (VNC) Service is a graphical desktop sharing system running on port 5900/TCP and is accessible to anyone on the internet.

THE RISK: VNC doesn’t utilize encryption and, if configured improperly, can potentially disclose sensitive information or unknowingly provide remote access to your system.

The X Display Manager (XDMCP) Service is running and accessible to anyone on the internet.

THE RISK: Using this service poses a risk of disclosing sensitive information or unknowingly providing remote access to your system.

In computer networking, the multicast Domain Name System (mDNS) protocol resolves hostnames to IP addresses within small networks that do not include a local name server.

THE RISK: Devices using mDNS could potentially respond to malicious queries outside a local network and inadvertently facilitate a large-scale Denial of Service attack.

The Open Portmapper Service is running and accessible to anyone on the internet.

THE RISK: Devices using the service are at risk of being used in an attack and/or disclosing large amounts of information about the system using Portmapper.

The Open Elasticsearch Service is running and accessible to anyone on the internet.

THE RISK: Elasticsearch doesn’t support authentication, so remote users could potentially access Elasticsearch and gain control of the service, putting your information at risk of being disclosed.

The Open MongoDB Service (MongoDB NoSQL database) is running and accessible to anyone on the internet.

THE RISK: Authentication is not enabled, which can pose a risk of unwanted remote access for malicious users and potential data breaches.

The Open MS-SQL Server Resolution Service is running and accessible to anyone on the internet.

THE RISK: If this service is accessible via your network, you’re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.

The Open Redis Service (Redis key-value store) is running and accessible to anyone on the internet.

THE RISK: If this service is accessible via your network, you’re at risk of having your network information exposed. The service itself can be used in UDP amplification attacks.

The Open NAT Port Mapping Protocol (PMP) Service is running and accessible to anyone on the internet.

THE RISK: This service has the potential to expose information about your network.

The Open Intelligent Platform Management Interface (IPMI) Service is running on port 623/UDP and is accessible to anyone on the internet.

THE RISK: Devices with IPMI exposed have the potential to be compromised at the Baseboard Management Controller (BMC) level.

The Open Telnet Service is running on port 23/TCP and is accessible to anyone on the internet.

THE RISK: Due to a lack of encryption, Telnet traffic can be intercepted. Open Telnet ports can also be exploited by malware, potentially resulting in initiating Denial of Service attacks, the extracting or destroying of information and more.

The Open Remote Desktop Protocol (RDP) Service is running and accessible to anyone on the internet.

THE RISK: If you use this service, misconfiguration can put your computer or network at risk of being accessed remotely for information gathering.

The Open TFTP Service is running and accessible to anyone on the internet.

THE RISK: This service has no access control mechanisms, which may result in being accessed remotely to retrieve sensitive information or be used in attacks.

The Open Apple Remote Desktop Service is running on port 3283/UDP and is accessible to anyone on the internet.

THE RISK: This service’s vulnerabilities could be exploited by external users to be used in attacks or to leak information about the system it’s running on.

The Open File Transfer Protocol (FTP) Service is running on port 21/TCP and is accessible to anyone on the internet.

THE RISK: This service provides no encryption (unless you’re using FTPS), so sensitive information or system credentials could potentially be exposed. Devices using the service are also at risk of being used in UDP amplification attacks.

The Open Hadoop Service is running and have either the NameNode or DataNode web interfaces running. They are accessible to anyone on the internet.

THE RISK: Using this service puts you at risk of potentially having your sensitive information disclosed.

The Open DB2 Discovery Service is running and accessible to anyone on the internet.

THE RISK: Using this service puts you at risk of potentially having your sensitive information exposed and used in attacks.

The Open Ubiquiti Discovery Service is running and accessible to anyone on the internet.

THE RISK: Using this service puts you at risk of potentially having your sensitive information disclosed and used in a UDP amplification attack.

If you use an open service and your device is behaving strangely or showing signs of an exploitable vulnerability, try the following:

• If you have the expertise, disable the Open Service or restrict access to only trusted IP addresses on your device.
• If you’re unable to complete the above, or if you’ve completed the above but your device is still acting strangely, bring it to a third-party computer repair technician to solve the problem.

What is a Vulnerability?