TCP 8090
Synopsis
- Atlassian Confluence Server/Data Center uses TCP 8090 by default for its built-in HTTP service (e.g., http://host:8090) in the standalone distribution.
- Sophos/Cyberoam firewalls commonly serve their captive portal/user authentication page on TCP 8090 (e.g., http://
:8090). - Apache Druid’s Overlord service exposes its REST API and web console on TCP 8090 by default.
- Because Confluence often runs on 8090, attackers frequently scan this port to exploit well-known Confluence remote code execution flaws (e.g., CVE-2021-26084, CVE-2022-26134); Apache Druid (including the Overlord on 8090) has also had RCE issues (e.g., CVE-2021-25646) abused when exposed.
Observed activity
Last 30 days
Detailed chart