Admin panel exposed

Description

During the scan, Cytrix found that the administrator's login page is viewable and reachable from any IP address.

An attacker could use this exposure to run brute-force attacks against user accounts, or to build a look-alike phishing page that scams users, among other abuses.

Recommendation

Define which IP addresses are allowed to reach the administrator's login page and restrict access accordingly.
Remember, only authorized personnel should have access to this page; block access to anyone else.
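As an added illustration of this recommendation (example configuration written for this page, not from Cytrix or the OWASP guide), an nginx server block that serves the admin login path only to an allowlist of source addresses. The /admin/ path, the hostname, the upstream name and the address ranges are assumptions; substitute your own.

```nginx
# Added example: restrict the admin login page to known source addresses.
# Assumed values: /admin/ path, app_backend upstream, 10.0.0.0/8 office network,
# 203.0.113.5 VPN egress, 192.0.2.10 load balancer (documentation ranges).

# Only needed when nginx sits behind a load balancer or reverse proxy: trust
# X-Forwarded-For solely from that proxy so the allowlist checks the real
# client address rather than the proxy's own address.
set_real_ip_from 192.0.2.10;
real_ip_header   X-Forwarded-For;
real_ip_recursive on;

server {
    listen 443 ssl;
    server_name example.com;   # placeholder hostname

    # Weak setting (the exposure in the finding): the admin path has no
    # source restriction, so the login page is reachable from any IP address.
    # location /admin/ {
    #     proxy_pass http://app_backend;
    # }

    # Hardened setting: access rules are evaluated in order and the first match
    # wins; anything not listed hits "deny all" and receives HTTP 403 before
    # the request ever reaches the application.
    location /admin/ {
        allow 10.0.0.0/8;      # assumed internal corporate network
        allow 203.0.113.5;     # assumed VPN egress address
        deny  all;
        proxy_pass http://app_backend;
    }

    # The rest of the site stays publicly reachable.
    location / {
        proxy_pass http://app_backend;
    }
}
```

Validate with `nginx -t`, reload, then request /admin/ from an address outside the allowlist and confirm a 403 is returned while an allowlisted address still sees the login page.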

References

https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/05-Enumerate_Infrastructure_and_Application_Admin_Interfaces
