Honeypot: FortiWeb CVE-2025-64446 Exploits, (Sat, Nov 15th)
Published: 2025-11-15. Last Updated: 2025-11-15 09:44:35 UTCby Didier Stevens (Version: 1)Like m 2025-11-15 09:44:35 Author: isc.sans.edu(查看原文) 阅读量:4 收藏
Published: 2025-11-15. Last Updated: 2025-11-15 09:44:35 UTCby Didier Stevens (Version: 1)Like m 2025-11-15 09:44:35 Author: isc.sans.edu(查看原文) 阅读量:4 收藏
Published: 2025-11-15. Last Updated: 2025-11-15 09:44:35 UTC
by Didier Stevens (Version: 1)
Like many have reported, we too noticed exploit attempts for CVE-2025-64446 in our honeypots.
These are POST requests to this path:
With this User Agent String:
And this is the data of the POST request:
This creates a new admin user (profile: prof_admin).
You can find this JSON data back in this PoC.
Didier Stevens
Senior handler
blog.DidierStevens.com
文章来源: https://isc.sans.edu/diary/rss/32486
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh