漏洞类别:CGI
漏洞等级: 
漏洞信息
XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism. "XML-RPC" also refers generically to the use of XML for remote procedure call, independently of the specific protocol. It is used to extend functionality to remote clients
QID Detection Logic:
This unauthenticated QID launches a XML-RPC request to fetch the supported methods on the web application.
漏洞危害
If the XML-RPC interface can provide an attacker with information that can aide in launching further attacks.
解决方案
N/A
Workaround:
Customers are advised to prevent unauthorized public exposure of the XML-RPC interface.
0daybank
文章评论