NYARC UNLICENSED - EVALUATION ONLY

固件安全审计报告

4.0.24 x64 Build202601131850

NYARC-IKUAI8_X64_4.0.24_B-2026-04-22 23:22:04 UTC

报告日期:2026-04-22 23:22:04 UTC

样本: iKuai8_x64_4.0.24_Build202601131850.bin

🔒 机密 — 仅供授权人员查阅

目录

1. 执行摘要

56 / 100
18
严重
12
高危
5
中危
528
低危/信息

2. 测试范围与方法

项目详情
固件版本4.0.24 x64 Build202601131850
厂商iKuai
样本文件iKuai8_x64_4.0.24_Build202601131850.bin
MD54fa9b7183ae1cc505295dc4ef5f5afbf
SHA-2561bee8284ee70f633b8b88bd6bbbfc7a366f9b01f1700dac83b35171fa8b9fb63
文件大小41.7MB
扫描时间2026-04-22 23:22:04 UTC
工具Nyarc Professional v1.2.0

3. 发现总览

#级别CVSS发现
1CRITICAL6.9密码已破解:用户 'root'
2CRITICAL5.3OpenSSL libcrypto.so.1.0.0 — 已停止维护
3CRITICAL7.5OpenSSL 1.0.0 — 已停止维护
4CRITICAL9.1私钥泄露: /etc/remote2/ca-certificates.d/ikuai/client.key
5CRITICAL9.1私钥泄露: /etc/ssl/32015/ca.key
6CRITICAL9.1私钥泄露: /etc/ssl/32016/ca.key
7CRITICAL9.1私钥泄露: /etc/ssl/32017/ca.key
8CRITICAL9.1私钥泄露: /etc/swanctl/ikca/rootCA.key
9CRITICAL9.1私钥泄露: /usr/ikuai/ctrlclient/priv.key
10CRITICAL9.1私钥泄露: /usr/openresty/ssl/server.key
11CRITICAL6.9密码已破解:用户 'root'
12CRITICAL9.1云控客户端: 私钥与证书泄露
13CRITICAL6.1控制客户端(备用): 私钥与证书泄露
14CRITICAL9.1内嵌 CA: 私钥与证书泄露
15CRITICAL9.1内嵌 CA: 私钥与证书泄露
16CRITICAL9.1内嵌 CA: 私钥与证书泄露
17CRITICAL9.1Web 服务器: 私钥与证书泄露
18CRITICAL7.5OpenSSL 1.0.0 — 已停止维护
19HIGH5.3Generic backdoor detected (CVE-2023-50920): Lua random seed (check for predictable values)
20HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
21HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
22HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
23HIGH5.3Generic backdoor detected (CVE-2023-50920): Lua random seed (check for predictable values)
24HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
25HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
26HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
27HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
28HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
29HIGH7.5远程控制配置文件暴露
30HIGH5.3Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)
31MEDIUM5.3用户 'sshd' 使用 MD5crypt 弱哈希
32MEDIUM5.3用户 'root' 使用 MD5crypt 弱哈希
33MEDIUM5.3用户 'sshd' 使用 MD5crypt 弱哈希
34MEDIUM5.3Generic potential vulnerability: Telnet on non-standard port (potential backdoor)
35MEDIUM5.3用户 'root' 使用 MD5crypt 弱哈希

4. 详细发现

1. 密码已破解:用户 'root'CRITICAL (CVSS 6.9)
描述
密码 '2015.ikuai8.com' 通过字典攻击破解
证据
/etc/shadow: root cracked with common password dictionary
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
ID: NYARC-001
2. OpenSSL libcrypto.so.1.0.0 — 已停止维护CRITICAL (CVSS 5.3)
描述
OpenSSL 1.0.x is EOL since 2020, multiple known CVEs including RCE
证据
/usr/lib/libcrypto.so.1.0.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
ID: NYARC-002
3. OpenSSL 1.0.0 — 已停止维护CRITICAL (CVSS 7.5)
描述
OpenSSL 1.0.x is EOL since 2020, multiple known CVEs including RCE
证据
/usr/lib/libssl.so.1.0.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ID: NYARC-003
4. 私钥泄露: /etc/remote2/ca-certificates.d/ikuai/client.keyCRITICAL (CVSS 9.1)
描述
Private key found in firmware. Anyone with the firmware can impersonate this service.
Private Key: /etc/remote2/ca-certificates.d/ikuai/client.key
Certificate: /etc/remote2/ca-certificates.d/ikuai/client.crt
主体C = CN, ST = beijing, O = ikuai, OU = ikclient, CN = *.ikuai8.com
签发者C = CN, ST = beijing, L = bj, O = ikuai, OU = ik, CN = *.ikuai8.com
生效时间Aug 22 09:52:29 2019 GMT
过期时间Aug 19 09:52:29 2029 GMT
序列号02
SHA1 指纹FB:07:C4:91:0E:A9:26:86:98:4D:EE:CB:33:A1:8C:B6:E1:F4:B3:2F
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-004
5. 私钥泄露: /etc/ssl/32015/ca.keyCRITICAL (CVSS 9.1)
描述
Private key found in firmware. Anyone with the firmware can impersonate this service.
Private Key: /etc/ssl/32015/ca.key (1024-bit RSA)
Certificate: /etc/ssl/32015/ca.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
生效时间Aug 29 04:13:19 2017 GMT
过期时间Dec 30 04:13:19 3016 GMT
序列号BD9552A22264C655
SHA1 指纹68:7C:26:F4:B4:20:1B:C5:04:AD:31:58:0E:4F:C1:04:08:6C:39:B6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-005
6. 私钥泄露: /etc/ssl/32016/ca.keyCRITICAL (CVSS 9.1)
描述
Private key found in firmware. Anyone with the firmware can impersonate this service.
Private Key: /etc/ssl/32016/ca.key (1024-bit RSA)
Certificate: /etc/ssl/32016/ca.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
生效时间Aug 29 02:15:37 2017 GMT
过期时间Dec 30 02:15:37 3016 GMT
序列号92EDE68AEB529720
SHA1 指纹B8:4C:CB:B7:53:F6:70:9E:B8:D8:20:DB:8A:34:49:BE:85:E8:30:F0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-006
7. 私钥泄露: /etc/ssl/32017/ca.keyCRITICAL (CVSS 9.1)
描述
Private key found in firmware. Anyone with the firmware can impersonate this service.
Private Key: /etc/ssl/32017/ca.key (1024-bit RSA)
Certificate: /etc/ssl/32017/ca.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = 302.ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = 302.ikuai8.com
生效时间Sep 6 04:04:56 2017 GMT
过期时间Jan 7 04:04:56 3017 GMT
序列号E43325EF748B108B
SHA1 指纹EC:29:58:77:4B:E1:99:CC:DA:74:14:A2:B9:0B:D9:D7:EF:C9:D5:36
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-007
8. 私钥泄露: /etc/swanctl/ikca/rootCA.keyCRITICAL (CVSS 9.1)
描述
Private key found in firmware. Anyone with the firmware can impersonate this service.
Private Key: /etc/swanctl/ikca/rootCA.key (4096-bit RSA)
Certificate: /etc/swanctl/ikca/rootCA.crt
主体C = IK, ST = beijing, L = beijing, O = ikuai, OU = ikuai, CN = ikuaitest.com
签发者C = IK, ST = beijing, L = beijing, O = ikuai, OU = ikuai, CN = ikuaitest.com
生效时间Dec 27 01:59:58 2022 GMT
过期时间Feb 25 01:59:58 2042 GMT
序列号A1142FC16A202365
SHA1 指纹A4:86:5B:9B:F1:6F:66:AF:01:B3:EE:9B:A4:90:90:56:60:DB:2A:7E
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-008
9. 私钥泄露: /usr/ikuai/ctrlclient/priv.keyCRITICAL (CVSS 9.1)
描述
Private key found in firmware. Anyone with the firmware can impersonate this service.
Private Key: /usr/ikuai/ctrlclient/priv.key (4096-bit RSA)
Certificate: /usr/ikuai/ctrlclient/cert.pem
主体C = CN, ST = BEIJING, O = IKUAI8 Ltd, OU = CERT 0001 OF CA REMOTE CONTROL 0002-01-0001 FOR IKUAI ROUTERS, CN = cert0001.rm_router0002-01-0001.ikuai8.com, emailAddress = [email protected]
签发者C = CN, ST = BEIJING, O = IKUAI8 Ltd, OU = REMOTE CONTROL 0002-01 FOR ROUTERS, CN = remote_control.rt0002-01.ikuai8.com, emailAddress = [email protected]
生效时间Dec 24 02:44:23 2015 GMT
过期时间Dec 22 02:44:23 2021 GMT
序列号100000
SHA1 指纹9B:3C:A3:86:B7:65:80:CB:A8:B4:BA:77:8B:B8:53:B4:84:99:6A:2B
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-009
10. 私钥泄露: /usr/openresty/ssl/server.keyCRITICAL (CVSS 9.1)
描述
Private key found in firmware. Anyone with the firmware can impersonate this service.
Private Key: /usr/openresty/ssl/server.key (2048-bit RSA)
Certificate: /usr/openresty/ssl/server.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = ikuai8.com
生效时间Apr 21 07:23:05 2021 GMT
过期时间Aug 22 07:23:05 3020 GMT
序列号DB6C3FFC850ABE5E
SHA1 指纹45:EF:86:D9:14:1C:AC:5B:45:CB:02:FD:BB:95:5B:75:5E:01:A3:EE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-010
11. 密码已破解:用户 'root'CRITICAL (CVSS 6.9)
描述
密码 '2015.ikuai8.com' 通过字典攻击破解
证据
/etc/shadow: root cracked with common password dictionary
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:L
ID: NYARC-011
12. 云控客户端: 私钥与证书泄露CRITICAL (CVSS 9.1)
描述
固件中发现私钥与证书配对。任何获取固件的攻击者均可冒充该服务。
Private Key: /etc/remote2/ca-certificates.d/ikuai/client.key
Certificate: /etc/remote2/ca-certificates.d/ikuai/client.crt
主体C = CN, ST = beijing, O = ikuai, OU = ikclient, CN = *.ikuai8.com
签发者C = CN, ST = beijing, L = bj, O = ikuai, OU = ik, CN = *.ikuai8.com
生效时间Aug 22 09:52:29 2019 GMT
过期时间Aug 19 09:52:29 2029 GMT
序列号02
SHA1 指纹FB:07:C4:91:0E:A9:26:86:98:4D:EE:CB:33:A1:8C:B6:E1:F4:B3:2F
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-012
13. 控制客户端(备用): 私钥与证书泄露CRITICAL (CVSS 6.1)
描述
固件中发现私钥与证书配对。任何获取固件的攻击者均可冒充该服务。
Private Key: /usr/ikuai/ctrlclient/priv.key (4096-bit RSA)
Certificate: /usr/ikuai/ctrlclient/cert.pem
主体C = CN, ST = BEIJING, O = IKUAI8 Ltd, OU = CERT 0001 OF CA REMOTE CONTROL 0002-01-0001 FOR IKUAI ROUTERS, CN = cert0001.rm_router0002-01-0001.ikuai8.com, emailAddress = [email protected]
签发者C = CN, ST = BEIJING, O = IKUAI8 Ltd, OU = REMOTE CONTROL 0002-01 FOR ROUTERS, CN = remote_control.rt0002-01.ikuai8.com, emailAddress = [email protected]
生效时间Dec 24 02:44:23 2015 GMT
过期时间Dec 22 02:44:23 2021 GMT
序列号100000
SHA1 指纹9B:3C:A3:86:B7:65:80:CB:A8:B4:BA:77:8B:B8:53:B4:84:99:6A:2B
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-013
14. 内嵌 CA: 私钥与证书泄露CRITICAL (CVSS 9.1)
描述
固件中发现私钥与证书配对。任何获取固件的攻击者均可冒充该服务。
Private Key: /etc/ssl/32015/ca.key (1024-bit RSA)
Certificate: /etc/ssl/32015/ca.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
生效时间Aug 29 04:13:19 2017 GMT
过期时间Dec 30 04:13:19 3016 GMT
序列号BD9552A22264C655
SHA1 指纹68:7C:26:F4:B4:20:1B:C5:04:AD:31:58:0E:4F:C1:04:08:6C:39:B6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-014
15. 内嵌 CA: 私钥与证书泄露CRITICAL (CVSS 9.1)
描述
固件中发现私钥与证书配对。任何获取固件的攻击者均可冒充该服务。
Private Key: /etc/ssl/32016/ca.key (1024-bit RSA)
Certificate: /etc/ssl/32016/ca.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = download.ikuai8.com
生效时间Aug 29 02:15:37 2017 GMT
过期时间Dec 30 02:15:37 3016 GMT
序列号92EDE68AEB529720
SHA1 指纹B8:4C:CB:B7:53:F6:70:9E:B8:D8:20:DB:8A:34:49:BE:85:E8:30:F0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-015
16. 内嵌 CA: 私钥与证书泄露CRITICAL (CVSS 9.1)
描述
固件中发现私钥与证书配对。任何获取固件的攻击者均可冒充该服务。
Private Key: /etc/ssl/32017/ca.key (1024-bit RSA)
Certificate: /etc/ssl/32017/ca.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = 302.ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = 302.ikuai8.com
生效时间Sep 6 04:04:56 2017 GMT
过期时间Jan 7 04:04:56 3017 GMT
序列号E43325EF748B108B
SHA1 指纹EC:29:58:77:4B:E1:99:CC:DA:74:14:A2:B9:0B:D9:D7:EF:C9:D5:36
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-016
17. Web 服务器: 私钥与证书泄露CRITICAL (CVSS 9.1)
描述
固件中发现私钥与证书配对。任何获取固件的攻击者均可冒充该服务。
Private Key: /usr/openresty/ssl/server.key (2048-bit RSA)
Certificate: /usr/openresty/ssl/server.crt
主体C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = ikuai8.com
签发者C = CN, ST = BeiJing, L = BeiJing, O = iKuai, OU = iKuai, CN = ikuai8.com
生效时间Apr 21 07:23:05 2021 GMT
过期时间Aug 22 07:23:05 3020 GMT
序列号DB6C3FFC850ABE5E
SHA1 指纹45:EF:86:D9:14:1C:AC:5B:45:CB:02:FD:BB:95:5B:75:5E:01:A3:EE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
ID: NYARC-017
18. OpenSSL 1.0.0 — 已停止维护CRITICAL (CVSS 7.5)
描述
OpenSSL 1.0.x 已于 2020 年停止维护,存在大量已知漏洞(含远程代码执行)
证据
/usr/lib/libssl.so.1.0.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
ID: NYARC-018
19. Generic backdoor detected (CVE-2023-50920): Lua random seed (check for predictable values)HIGH (CVSS 5.3)
描述
Lua random seed (check for predictable values)
证据
/usr/sbin/ikntpget
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware. Use /dev/urandom for session ID generation instead of math.random.
CVE
CVE-2023-50920
受影响组件
/usr/sbin/ikntpget
参考链接
https://github.com/gl-inet/CVE-issues
ID: NYARC-019
20. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/sbin/miniupnpd
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/sbin/miniupnpd
ID: NYARC-020
21. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/sbin/pmd
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/sbin/pmd
ID: NYARC-021
22. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/sbin/tkgen
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/sbin/tkgen
ID: NYARC-022
23. Generic backdoor detected (CVE-2023-50920): Lua random seed (check for predictable values)HIGH (CVSS 5.3)
描述
Lua random seed (check for predictable values)
证据
/usr/ikuai/script/ik_netoptimize.lua
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware. Use /dev/urandom for session ID generation instead of math.random.
CVE
CVE-2023-50920
受影响组件
/usr/ikuai/script/ik_netoptimize.lua
参考链接
https://github.com/gl-inet/CVE-issues
ID: NYARC-023
24. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/lib/libjansson.so
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/lib/libjansson.so
ID: NYARC-024
25. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/lib/libjansson.so.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/lib/libjansson.so.4
ID: NYARC-025
26. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/lib/libjansson.so.4.13.0
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/lib/libjansson.so.4.13.0
ID: NYARC-026
27. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/sbin/cre
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/sbin/cre
ID: NYARC-027
28. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/sbin/ik_rc_client
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/sbin/ik_rc_client
ID: NYARC-028
29. 远程控制配置文件暴露HIGH (CVSS 7.5)
描述
云控服务器地址在固件中明文可见
证据
etc/remote2/ikuai.conf { "as_server":{ "host":["as-v4.ikuai8.com:9444"], "ca_path":"/etc/remote2/ca-certificates.d/ikuai" } }
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
ID: NYARC-029
30. Generic backdoor detected: JSON parser library (sscanf overflow CVE in parse_object)HIGH (CVSS 5.3)
描述
JSON parser library (sscanf overflow CVE in parse_object)
证据
/usr/sbin/ik_stats_collect
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Update firmware to latest version. Review vendor security advisories.
受影响组件
/usr/sbin/ik_stats_collect
ID: NYARC-030
31. 用户 'sshd' 使用 MD5crypt 弱哈希MEDIUM (CVSS 5.3)
描述
MD5crypt ($1$) is a weak algorithm, recommend migration to SHA-512 ($6$)
证据
/etc/shadow: sshd:$1$BKY7uz3G$vw5dPaPb...
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
ID: NYARC-031
32. 用户 'root' 使用 MD5crypt 弱哈希MEDIUM (CVSS 5.3)
描述
MD5crypt ($1$) is a weak algorithm, recommend migration to SHA-512 ($6$)
证据
/etc/shadow: root:$1$9.EU8ItY$z4EfK4vQ...
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
ID: NYARC-032
33. 用户 'sshd' 使用 MD5crypt 弱哈希MEDIUM (CVSS 5.3)
描述
MD5crypt ($1$) is a weak algorithm, recommend migration to SHA-512 ($6$)
证据
/etc/shadow: sshd:$1$BKY7uz3G$vw5dPaPb...
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
ID: NYARC-033
34. Generic potential vulnerability: Telnet on non-standard port (potential backdoor)MEDIUM (CVSS 5.3)
描述
Telnet on non-standard port (potential backdoor)
证据
/sbin/sysinit
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
修复建议
Review this component for proper input validation and access control.
受影响组件
/sbin/sysinit
ID: NYARC-034
35. 用户 'root' 使用 MD5crypt 弱哈希MEDIUM (CVSS 5.3)
描述
MD5crypt ($1$) is a weak algorithm, recommend migration to SHA-512 ($6$)
证据
/etc/shadow: root:$1$9.EU8ItY$z4EfK4vQ...
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
ID: NYARC-035

5. 外连通信分析

域名分类引用
yun.ikuai8.com🟡 cloud
15 files
  • /usr/ikuai/function/backup
  • /usr/ikuai/function/cloud_bak
  • /usr/ikuai/function/ik_web_sdwan
  • /usr/ikuai/function/ikmessages
  • /usr/ikuai/function/nat_ddns
  • /usr/ikuai/function/register
  • /usr/ikuai/script/backup.sh
  • /usr/ikuai/script/cloud_bak.sh
  • /usr/ikuai/script/ik_web_sdwan.sh
  • /usr/ikuai/script/ikmessages.sh
  • /usr/ikuai/script/nat_ddns.sh
  • /usr/ikuai/script/register.sh
  • /usr/ikuai/www/static/js/first.json
  • /usr/openresty/lua/lib/webman.lua
  • /usr/sbin/ik_wpa_ppsk
dingtalk.c.app🟡 system
2 files
  • /usr/DTalkInside/sign_ikuai_x86_64
  • /usr/sbin/dtalkd
dis-v4.ikuai8.com🟡 system
2 files
  • /usr/sbin/cre
  • /usr/sbin/tkgen
routers.ikuai8.com🟡 system
2 files
  • /usr/bin/ik_audit_publisher
  • /usr/ikuai/script/ikaudit_update.sh
api.cloudflare.com🟡 api
2 files
  • /usr/ikuai/function/ddns
  • /usr/ikuai/script/ddns.sh
ftp.info-zip.org🟡 system
2 files
  • /usr/bin/unzip
  • /usr/bin/zip
restapi.amap.com🟡 system
  • /usr/sbin/speedtest-nearby-src
    • as1.ikuai8.com🟡 system
  • /usr/sbin/ik_rc_client
    • time4.aliyun.com🟡 system
  • /usr/sbin/ikntpget
    • schemas.microsoft.com🟡 system
  • /usr/bin/wsdd2
    • pkgmgr-v4.ikuai8.com🟡 system
  • /usr/sbin/pmd
    • time1.aliyun.com🟡 system
  • /usr/sbin/ikntpget
    • patch.ikuai8.com🟡 system
  • /usr/sbin/speedtest-nearby-src
    • time5.aliyun.com🟡 system
  • /usr/sbin/ikntpget
    • api.weibo.com🟡 api
  • /usr/openresty/lua/webauth/release.lua
    • cloud.ikuai8.com🟡 cloud
  • /usr/ikuai/www/static/js/first.json
    • 2015.ikuai8.com🟡 system
  • /usr/sbin/vsftpx
    • ntp3.ikuai8.com🟡 system
  • /usr/sbin/ikntpget
    • stedolan.github.com🟡 system
  • /usr/sbin/jq
    • audit.ikuai8.com🟡 telemetry
  • /usr/ikuai/script/ikaudit_update.sh
    • time3.aliyun.com🟡 system
  • /usr/sbin/ikntpget
    • ntp2.aliyun.com🟡 system
  • /usr/sbin/ikntpget
    • as2.ikuai8.com🟡 system
  • /usr/sbin/ik_rc_client
    • time2.aliyun.com🟡 system
  • /usr/sbin/ikntpget
    • ntp2.ikuai8.com🟡 system
  • /usr/sbin/ikntpget
    • update.ikuai8.com🟡 update
  • /usr/ikuai/ctrlclient/conf.json
    • ntp1.ikuai8.com🟡 system
  • /usr/sbin/ikntpget
    • rsync.samba.org🟡 system
  • /usr/bin/rsync
    • software.es.net🟡 system
  • /usr/bin/iperf3
    • listi.jpberlin.de🟡 system
  • /usr/sbin/smartctl

    • 6. 加固建议

    建议:审查所有外连通信,更换默认凭据,升级过时的加密库。

    Nyarc Professional v1.2.0 — Firmware Reverse Engineering Console

    机密 | 2026-04-22 23:22:04 UTC