WordPress XMLRPC 'system.multicall' Brute Force Amplification Vulnerability
危険度: 高
情報公開日: 5 31, 2016
概要
WordPress sites are prone to brute force attacks by XMLRPC API using 'System.multicall' method. Attacker can brute force web application password by sending many passwords in one large HTTP request to XMLRPC API.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1007138