XML-RPC.NET.pingback.XXE
Description
This indicates an attack attempt to exploit an XML External Entity (XXE) injection vulnerability in XML-RPC.NET.
The vulnerability is caused by improper parsing and sanitization of XML data posted to a pingback endpoint on a server running XML-RPC.NET. An authenticated attacker can exploit this with a constructed payload to enumerate and exfiltrate files on the server.
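As an added example (not XML-RPC.NET code and not this signature's own logic), the following Python pre-parse check rejects any XML-RPC request body that declares a DOCTYPE, the precondition for external entity injection, and goes slightly beyond the text by also covering UTF-16 encoded bodies. The names `classify_request` and `DtdForbidden` and all sample bodies are constructed for illustration.

```python
import xml.parsers.expat

class DtdForbidden(Exception):
    """Raised from the DOCTYPE handler to abort parsing before any entity is used."""

def classify_request(body: bytes) -> dict:
    """Return a verdict for one XML-RPC request body (hypothetical helper)."""
    result = {"verdict": "allow", "method": None, "reason": ""}
    path, text = [], []

    def on_doctype(name, system_id, public_id, has_internal_subset):
        # XML-RPC defines no DTD, so any DOCTYPE in a request is rejected outright.
        raise DtdForbidden(f"DOCTYPE declared for {name!r}")

    def on_start(tag, attrs):
        path.append(tag)
        text.clear()

    def on_end(tag):
        if path == ["methodCall", "methodName"]:
            result["method"] = "".join(text).strip()
        path.pop()

    parser = xml.parsers.expat.ParserCreate()  # encoding auto-detected from BOM/declaration
    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    parser.CharacterDataHandler = text.append
    parser.EndElementHandler = on_end
    try:
        parser.Parse(body, True)
    except DtdForbidden as exc:
        result.update(verdict="reject", reason=str(exc))
    except xml.parsers.expat.ExpatError as exc:
        result.update(verdict="reject", method=None, reason=f"malformed XML: {exc}")
    return result

# Constructed sample bodies (not captured traffic).
CALL = ("<methodCall><methodName>pingback.ping</methodName><params>"
        "<param><value><string>http://source.example/post</string></value></param>"
        "<param><value><string>http://target.example/entry</string></value></param>"
        "</params></methodCall>")
WITH_DTD = ('<?xml version="1.0"?><!DOCTYPE methodCall ['
            '<!ENTITY ext SYSTEM "file:///constructed-placeholder">]>' + CALL)
SAMPLES = {"benign": ('<?xml version="1.0"?>' + CALL).encode("utf-8"),
           "dtd-utf8": WITH_DTD.encode("utf-8"),
           "dtd-utf16": WITH_DTD.encode("utf-16")}

if __name__ == "__main__":
    for label, body in SAMPLES.items():
        print(label, classify_request(body))
```

The UTF-16 sample is rejected even though the byte string `<!DOCTYPE` never appears in it, which is why the check runs inside the parser rather than as a raw byte match.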
Affected Products
XML-RPC.NET versions prior to 2.5.0
Impact
Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems.
Recommended Actions
Upgrade to the latest version, available from the website.
https://code.google.com/archive/p/xmlrpcnet/downloads
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |