AmosConnect 8 Vulnerability: Remote Code Execution via Hard-coded Credentials

CVE-2017-3222 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Hard-coded credentials in AmosConnect 8 allow remote attackers to gain full administrative privileges, including the ability to execute commands on the Microsoft Windows host platform with SYSTEM privileges by abusing AmosConnect Task Manager.

Learn more about our Web Application Penetration Testing UK.