WordPress XMLRPC 'system.multicall' Brute Force Amplification Vulnerability
Schweregrad: : Alto
Data do informe: 31 maio 2016
Descrição
WordPress sites are prone to brute force attacks by XMLRPC API using 'System.multicall' method. Attacker can brute force web application password by sending many passwords in one large HTTP request to XMLRPC API.
Exposição das informações
Apply associated Trend Micro DPI Rules.
Solução
Trend Micro Deep Security DPI Rule Number: 1007138