CVE-2020-25987

CVE-2020-25987

EPSS 1.6%

MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/159430/MonoCMS-Blog-1.0-File-Deletion-CSRF-Hardcoded-Credentials.html https://monocms.com/download