WordPress XMLRPC 'system.multicall' Brute Force Amplification Vulnerability
Gravità: : Alto
Data notifica: 31 maggio 2016
Descrizione
WordPress sites are prone to brute force attacks by XMLRPC API using 'System.multicall' method. Attacker can brute force web application password by sending many passwords in one large HTTP request to XMLRPC API.
Informazioni esposizione:
Apply associated Trend Micro DPI Rules.
Soluzioni
Trend Micro Deep Security DPI Rule Number: 1007138