Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Eyes Of Network (EON) Multiple API Vulnerabilities
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Eyes Of Network (EON) is prone to multiple vulnerabilities over the API.
Insight
Insight
Eyes Of Network (EON) is prone to multiple vulnerabilities: - SQL injection vulnerability allowing an unauthenticated attacker to perform various tasks such as authentication bypass (CVE-2020-8656) - Hardcoded EONAPI_KEY allowing an attacker to calculate/guess the admin access token (CVE-2020-8657)
Affected Software
Affected Software
Eyes Of Network API version 2.4.2 and probably prior.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
No known solution is available as of 11th February, 2020. Information regarding this issue will be updated once solution details are available.