|
Family: General --> Category: infos
FlexWATCH Authentication Bypassing Vulnerability Scan
Vulnerability Scan Summary Detect FlexWATCH Authentication Bypassing
Detailed Explanation for this Vulnerability Test
There is a vulnerability in the current version of FlexWATCH that allows an
attacker to access administrative sections without being required to
authenticate.
A possible hacker may use this flaw to gain the list of user accounts on this system
and the ability to reconfigure this service.
This is done by adding an additional '/' at the begining of the URL.
Solution : None at this time - filter incoming traffic to this port
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|