Plugins Database As of 11-21-2019

PPTP Server/Device Compromised

General
Impact by CVSS Score
  • ID: 1.3.6.1.4.1.25623.1.0.108661

CVSS Base Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Detection Type:
Remote Banner

Solution Type:
Workaround

Summary:
The remote PPTP Server/Device might have been compromised by an attacker or a worm.

Impact:
The device might be used by an attacker as a jump host to get access to an internal network. It also might be part of a botnet.

Detection Method:
Checks the device hostname previously gathered via the PPTP Protocol.

Recommendations:
A factory reset of the device is required. Afterwards all available updates should be applied and a strong password chosen for the device access. Please contact the vendor if further steps are required to clean up and protect the device.

Search
Severity
High
CVSS Score
10.0
Published
2019-10-08 13:56:07
Modified
2019-10-08 14:13:49

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities. It is free and always will be.