Admin panel exposed

Home » blog » Admin panel exposed

Description

During the scan, Kayran managed to find that the administrator’s login page is viewable and accessible through any IP address.

An attacker could exploit this finding to perform BruteForce attacks against users, or, to create a similar phishing page scamming users and more.

Recommendation

Define and restrict access which IP addresses are allowed to access the administrator’s login page.
Remember, only authorized personal should have access to this page, block access to anyone other than them.

References

https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/02-Configuration_and_Deployment_Management_Testing/05-Enumerate_Infrastructure_and_Application_Admin_Interfaces

< Return to all Vulnerabilities

Spywares – 007’ing Your Devices

We’ve talked about Malwares before. Let’s talk about one of the most dangerous types of malwares: Spywares. One of my favorite movie series is James

What is Kayran

Kayran scanner is helping all businesses, both SMBs and enterprises, to test their online assets and products for over 9000 vulnerabilities.Kayran’s mission is to make

Playing Online? Dangers that exist in Online Games

Browser Games? Is it Safe to be Playing Online? What are Dangers that exist in Online Games? Is it better to download and play software

APT vs. ATP

In this article we will talk about APT vs. ATP. In other words, Advanced Persistent Threat and Advanced Threat Protection and the context between these

The fundamentals of HTML

HTML is not a single word, in oppose to what many people think, HTML stands for HyperText Markup Language, and from the fact the language’s

Your SQL got the I(njection)

We’ve talked about it before right? or am i the only one having a Deja-Vu? Or an SQL Injection? No on likes doctors, or needles,

WEB APPLICATION VULNERABILITY SCANNER