WordPress XMLRPC 'system.multicall' Brute Force Amplification Vulnerability
Schweregrad:: Hoch
Hinweisdatum: 31 Mai 2016
Beschreibung
WordPress sites are prone to brute force attacks by XMLRPC API using 'System.multicall' method. Attacker can brute force web application password by sending many passwords in one large HTTP request to XMLRPC API.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1007138