Twonky Server version 8.5.2 contains two critical authentication bypass vulnerabilities that allow unauthenticated attackers to steal administrator credentials and take complete control of the media server. Security researchers at Rapid7 discovered that an attacker can leak encrypted admin passwords through an unprotected API endpoint, then decrypt them using hardcoded encryption keys embedded directly in the […]

The post Critical Twonky Server Flaws Let Hackers Bypass Login Protection appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/critical-twonky-server-flaws/