Baal Smart Forms before 3.2 allows remote attackers to bypass authentication and obtain system access via a direct request to regadmin.php.
Threat-Mapped Scoring
Score: 0.0
Priority: Unclassified
EPSS
Score: 0.00636
Percentile:
0.69513
CVSS Scoring
CVSS v2 Score: 7.5
Severity:
Mapped CWE(s)
-
CWE-425
: Direct Request ('Forced Browsing')
All CAPEC(s)
-
CAPEC-127: Directory Indexing
-
CAPEC-143: Detect Unpublicized Web Pages
-
CAPEC-144: Detect Unpublicized Web Services
-
CAPEC-668: Key Negotiation of Bluetooth Attack (KNOB)
-
CAPEC-87: Forceful Browsing
CAPEC(s) with Mapped TTPs
-
CAPEC-127: Directory Indexing
Mapped TTPs:
-
T1083
: File and Directory Discovery
-
CAPEC-668: Key Negotiation of Bluetooth Attack (KNOB)
Mapped TTPs:
Mapped ATT&CK TTPs
-
T1083
: File and Directory Discovery
Kill Chain: discovery
-
T1565.002
: Transmitted Data Manipulation
Kill Chain: impact
Malware
APTs Threat Group Associations
Campaigns
- Operation Wocao
- SolarWinds Compromise
- Operation CuckooBees
- Operation Honeybee
- Operation Dream Job
- C0015
- Night Dragon
- KV Botnet Activity
Affected Products
- cpe:2.3:a:baalsystems:baal_smart_forms:*:*:*:*:*:*:*:*
← Back to Home