Service:
mysqld
Protocol:
TCPPort:
3306Used for:
SQL database accessWhy It’s Open
Standard port for MySQL — common in LAMP/LEMP stacks and backend infrastructure.
Common Risks
- Default Credentials or Weak Passwords
- Remote Root Access Enabled
- SQL Injection from Web Apps
Want to save time on reporting?
Let PentestPad generate, track, and export your reports - automatically.
Enumeration & Testing
Nmap info
nmap -p 3306 -sV
nmap -p 3306 --script mysql-infoMySQL
mysql -h -u root -p
sqlSHOW DATABASES;SELECT user, host FROM mysql.user;What to Look For
| Checkpoint | What it means |
|---|---|
| Remote root login | Should be disabled |
| No password or weak | Common in dev/test setups |
| Old version | May contain known exploits |
Known Exploits
- CVE-2015-2620
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.
🔗 NVD entry
Mitigation
- Require strong passwords.
- Disable root remote login.
- Restrict access via host/IP.
- Patch regularly.
TL;DR
- Service: MySQL (Relational Database)
- Default Port: 3306
- Risks: Weak authentication, privilege escalation
- Mitigation: Use strong passwords, restrict access, keep software updated