Over 10 years we help companies reach their financial and branding goals. Engitech is a values-driven technology agency dedicated.

Gallery

Contacts

411 University St, Seattle, USA

engitech@oceanthemes.net

+1 -800-456-478-23

Twitter Facebook-f Pinterest-p Instagram

Honeypot: FortiWeb CVE-2025-64446 Exploits, (Sat, Nov 15th)SANS Internet Storm Center, InfoCON: green

Security News
SecurityHomeImg
_ _ Tech Jacks Solutions_ 0 Comments

Like many have reported, we too noticed exploit attempts for CVE-2025-64446 in our honeypots.

These are POST requests to this path:

AzTmJd22YDFFAAAAAElFTkSuQmCC

With this User Agent String:

And this is the data of the POST request:

wkpnpjKzS54AAAAASUVORK5CYII=

This creates a new admin user (profile: prof_admin).

You can find this JSON data back in this PoC.

 

Didier Stevens
Senior handler
blog.DidierStevens.com

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. Read More 

9

Author

Tech Jacks Solutions

Leave a comment

Your email address will not be published. Required fields are marked *